What is CVE-2022-22282?

CVE-2022-22282 is a vulnerability in Sonicwall Sma1000, classified under Improper Access Control. Published 2022-05-13.

Is CVE-2022-22282 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Sonicwall Sma1000

CVE-2022-22282

SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.

EPSS: 0.004 (58.2th percentile) — read the EPSS interpretation.

Affected products

Sonicwall Sma1000 — versions 12.4.0, 12.4.1

Weakness classification (CWE)

CWE-284 — Improper Access Control

Public proof-of-concept exploits

ARPSyndicate/cve-scores
karimhabush/cyberowl

References

psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0009 (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2022-22282?: CVE-2022-22282 is a vulnerability in Sonicwall Sma1000, classified under Improper Access Control. Published 2022-05-13.
Is CVE-2022-22282 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.