ID
VAR-202207-1096
CVE
CVE-2022-2324
TITLE
SonicWALL of email security Spoofing authentication evasion vulnerability in
Trust: 0.8
sources:
JVNDB: JVNDB-2022-014189
DESCRIPTION
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions. SonicWALL of email security Exists in spoofing authentication evasion vulnerabilities.Information may be tampered with
Trust: 1.8
sources:
NVD: CVE-2022-2324 //
JVNDB: JVNDB-2022-014189 //
VULHUB: VHN-430240 //
VULMON: CVE-2022-2324
AFFECTED PRODUCTS
| vendor: | sonicwall | model: | email security | scope: | lte | version: | 10.0.17.7319 | Trust: 1.0 |
| vendor: | sonicwall | model: | email security | scope: | lte | version: | 10.0.17.7319 and earlier | Trust: 0.8 |
| vendor: | sonicwall | model: | email security | scope: | - | version: | - | Trust: 0.8 |
| vendor: | sonicwall | model: | email security | scope: | eq | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-014189 //
NVD: CVE-2022-2324
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-014189 //
CNNVD: CNNVD-202207-1379 //
NVD: CVE-2022-2324
PROBLEMTYPE DATA
| problemtype: | CWE-290 | Trust: 1.1 |
| problemtype: | CWE-358 | Trust: 1.0 |
| problemtype: | Avoid authentication by spoofing (CWE-290) [NVD evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-430240 //
JVNDB: JVNDB-2022-014189 //
NVD: CVE-2022-2324
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202207-1379
TYPE
security feature problem
Trust: 0.6
sources:
CNNVD: CNNVD-202207-1379
PATCH
| title: | SonicWALL Hosted Email Security Fixing measures for security feature vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=202895 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202207-1379
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-2324 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2022-014189 | Trust: 0.8 |
| db: | CS-HELP | id: | SB2022071506 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202207-1379 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-430240 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2022-2324 | Trust: 0.1 |
sources:
VULHUB: VHN-430240 //
VULMON: CVE-2022-2324 //
JVNDB: JVNDB-2022-014189 //
CNNVD: CNNVD-202207-1379 //
NVD: CVE-2022-2324
REFERENCES
| url: | https://psirt.global.sonicwall.com/vuln-detail/snwlid-2022-0014 | Trust: 2.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-2324 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-2324/ | Trust: 0.6 |
| url: | https://www.cybersecurity-help.cz/vdb/sb2022071506 | Trust: 0.6 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-430240 //
VULMON: CVE-2022-2324 //
JVNDB: JVNDB-2022-014189 //
CNNVD: CNNVD-202207-1379 //
NVD: CVE-2022-2324
SOURCES
| db: | VULHUB | id: | VHN-430240 |
| db: | VULMON | id: | CVE-2022-2324 |
| db: | JVNDB | id: | JVNDB-2022-014189 |
| db: | CNNVD | id: | CNNVD-202207-1379 |
| db: | NVD | id: | CVE-2022-2324 |
LAST UPDATE DATE
2024-08-14T14:02:30.834000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-430240 | date: | 2022-08-08T00:00:00 |
| db: | VULMON | id: | CVE-2022-2324 | date: | 2022-08-01T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-014189 | date: | 2023-09-14T08:14:00 |
| db: | CNNVD | id: | CNNVD-202207-1379 | date: | 2022-08-09T00:00:00 |
| db: | NVD | id: | CVE-2022-2324 | date: | 2022-08-08T18:07:45.857 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-430240 | date: | 2022-07-29T00:00:00 |
| db: | VULMON | id: | CVE-2022-2324 | date: | 2022-07-29T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-014189 | date: | 2023-09-14T00:00:00 |
| db: | CNNVD | id: | CNNVD-202207-1379 | date: | 2022-07-15T00:00:00 |
| db: | NVD | id: | CVE-2022-2324 | date: | 2022-07-29T21:15:09.537 |