Hosted Email Security
CVE-2022-2324
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Lifecycle Timeline
1DescriptionNVD
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions
AnalysisAI
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-358. Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions Affected products include: Sonicwall Hosted Email Security.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Hosted Email Security
View allA vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload a
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today