CVE-2022-22278 - OpenCVE

A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Sonicwall	Nsa 2650 Nsa 2650 Firmware Nsa 2700 Nsa 2700 Firmware Nsa 3650 Nsa 3650 Firmware Nsa 3700 Nsa 3700 Firmware Nsa 4650 Nsa 4650 Firmware Nsa 4700 Nsa 4700 Firmware Nsa 5650 Nsa 5650 Firmware Nsa 5700 Nsa 5700 Firmware Nsa 6650 Nsa 6650 Firmware Nsa 6700 Nsa 6700 Firmware Nsa 9250 Nsa 9250 Firmware Nsa 9450 Nsa 9450 Firmware Nsa 9650 Nsa 9650 Firmware Nssp 10700 Nssp 10700 Firmware Nssp 11700 Nssp 11700 Firmware Nssp 12400 Nssp 12400 Firmware Nssp 12800 Nssp 12800 Firmware Nssp 13700 Nssp 13700 Firmware Nssp 15700 Nssp 15700 Firmware Nsv 10 Nsv 100 Nsv 100 Firmware Nsv 10 Firmware Nsv 1600 Nsv 1600 Firmware Nsv 200 Nsv 200 Firmware Nsv 25 Nsv 25 Firmware Nsv 270 Nsv 270 Firmware Nsv 300 Nsv 300 Firmware Nsv 400 Nsv 400 Firmware Nsv 470 Nsv 470 Firmware Nsv 50 Nsv 50 Firmware Nsv 800 Nsv 800 Firmware Nsv 870 Nsv 870 Firmware Tz300p Tz300p Firmware Tz300w Tz300w Firmware Tz350 Tz350 Firmware Tz350w Tz350w Firmware Tz370 Tz370 Firmware Tz370w Tz370w Firmware Tz400 Tz400 Firmware Tz400w Tz400w Firmware Tz470 Tz470 Firmware Tz470w Tz470w Firmware Tz500 Tz500 Firmware Tz500w Tz500w Firmware Tz570 Tz570 Firmware Tz570p Tz570p Firmware Tz570w Tz570w Firmware Tz600 Tz600 Firmware Tz600p Tz600p Firmware Tz670 Tz670 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:sonicwall:tz300p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz300p:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:sonicwall:tz300w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz300w:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:sonicwall:tz350_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz350:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:sonicwall:tz350w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz350w:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND

cpe:2.3:o:sonicwall:nssp_10700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_10700:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:sonicwall:nssp_11700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_11700:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:sonicwall:nssp_12400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_12400:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:sonicwall:nssp_12800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_12800:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:sonicwall:nssp_13700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_13700:-:*:*:*:*:*:*:*

Configuration 10 [-]

AND

cpe:2.3:o:sonicwall:nssp_15700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nssp_15700:-:*:*:*:*:*:*:*

Configuration 11 [-]

AND

cpe:2.3:o:sonicwall:tz370_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*

Configuration 12 [-]

AND

cpe:2.3:o:sonicwall:tz370w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*

Configuration 13 [-]

AND

cpe:2.3:o:sonicwall:tz400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz400:-:*:*:*:*:*:*:*

Configuration 14 [-]

AND

cpe:2.3:o:sonicwall:nsv_10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_10:-:*:*:*:*:*:*:*

Configuration 15 [-]

AND

cpe:2.3:o:sonicwall:nsv_100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_100:-:*:*:*:*:*:*:*

Configuration 16 [-]

AND

cpe:2.3:o:sonicwall:nsv_1600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_1600:-:*:*:*:*:*:*:*

Configuration 17 [-]

AND

cpe:2.3:o:sonicwall:nsv_200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_200:-:*:*:*:*:*:*:*

Configuration 18 [-]

AND

cpe:2.3:o:sonicwall:nsv_25_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_25:-:*:*:*:*:*:*:*

Configuration 19 [-]

AND

cpe:2.3:o:sonicwall:nsv_270_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_270:-:*:*:*:*:*:*:*

Configuration 20 [-]

AND

cpe:2.3:o:sonicwall:nsv_300_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_300:-:*:*:*:*:*:*:*

Configuration 21 [-]

AND

cpe:2.3:o:sonicwall:nsv_400_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_400:-:*:*:*:*:*:*:*

Configuration 22 [-]

AND

cpe:2.3:o:sonicwall:nsv_470_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_470:-:*:*:*:*:*:*:*

Configuration 23 [-]

AND

cpe:2.3:o:sonicwall:nsv_50_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_50:-:*:*:*:*:*:*:*

Configuration 24 [-]

AND

cpe:2.3:o:sonicwall:nsv_800_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_800:-:*:*:*:*:*:*:*

Configuration 25 [-]

AND

cpe:2.3:o:sonicwall:nsv_870_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsv_870:-:*:*:*:*:*:*:*

Configuration 26 [-]

AND

cpe:2.3:o:sonicwall:tz400w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz400w:-:*:*:*:*:*:*:*

Configuration 27 [-]

AND

cpe:2.3:o:sonicwall:tz470_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*

Configuration 28 [-]

AND

cpe:2.3:o:sonicwall:tz470w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*

Configuration 29 [-]

AND

cpe:2.3:o:sonicwall:tz500_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz500:-:*:*:*:*:*:*:*

Configuration 30 [-]

AND

cpe:2.3:o:sonicwall:nsa_2650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_2650:-:*:*:*:*:*:*:*

Configuration 31 [-]

AND

cpe:2.3:o:sonicwall:nsa_2700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*

Configuration 32 [-]

AND

cpe:2.3:o:sonicwall:nsa_3650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_3650:-:*:*:*:*:*:*:*

Configuration 33 [-]

AND

cpe:2.3:o:sonicwall:nsa_3700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*

Configuration 34 [-]

AND

cpe:2.3:o:sonicwall:nsa_4650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_4650:-:*:*:*:*:*:*:*

Configuration 35 [-]

AND

cpe:2.3:o:sonicwall:nsa_4700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_4700:-:*:*:*:*:*:*:*

Configuration 36 [-]

AND

cpe:2.3:o:sonicwall:nsa_5650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_5650:-:*:*:*:*:*:*:*

Configuration 37 [-]

AND

cpe:2.3:o:sonicwall:nsa_5700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_5700:-:*:*:*:*:*:*:*

Configuration 38 [-]

AND

cpe:2.3:o:sonicwall:nsa_6650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_6650:-:*:*:*:*:*:*:*

Configuration 39 [-]

AND

cpe:2.3:o:sonicwall:nsa_6700_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_6700:-:*:*:*:*:*:*:*

Configuration 40 [-]

AND

cpe:2.3:o:sonicwall:nsa_9250_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_9250:-:*:*:*:*:*:*:*

Configuration 41 [-]

AND

cpe:2.3:o:sonicwall:nsa_9450_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_9450:-:*:*:*:*:*:*:*

Configuration 42 [-]

AND

cpe:2.3:o:sonicwall:nsa_9650_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:nsa_9650:-:*:*:*:*:*:*:*

Configuration 43 [-]

AND

cpe:2.3:o:sonicwall:tz500w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz500w:-:*:*:*:*:*:*:*

Configuration 44 [-]

AND

cpe:2.3:o:sonicwall:tz570_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*

Configuration 45 [-]

AND

cpe:2.3:o:sonicwall:tz570p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*

Configuration 46 [-]

AND

cpe:2.3:o:sonicwall:tz570w_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*

Configuration 47 [-]

AND

cpe:2.3:o:sonicwall:tz600_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz600:-:*:*:*:*:*:*:*

Configuration 48 [-]

AND

cpe:2.3:o:sonicwall:tz600p_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz600p:-:*:*:*:*:*:*:*

Configuration 49 [-]

AND

cpe:2.3:o:sonicwall:tz670_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0004

History

No history.

MITRE

Status: PUBLISHED

Assigner: sonicwall

Published: 2022-04-27T16:25:18

Updated: 2024-08-03T03:07:50.277Z

Reserved: 2021-12-29T00:00:00

Link: CVE-2022-22278

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2022-04-27T17:15:07.453

Modified: 2022-05-06T17:56:55.140

Link: CVE-2022-22278

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object