CVE-2022-22280

Summary

Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.

Affected Software

VendorProductVersion RangeStatus
SonicWallSonicWall GMS9.3.1-SP2-Hotfix1 and earlieraffected
SonicWallSonicWall Analytics On-Prem2.5.0.3-2520 and earlieraffected

Weaknesses

  • CWE-89: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CVE Program Container

Additional References

References