SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource using HTTP connections from an unauthorized actor leading to Improper Access Control vulnerability.
2022-05-13T20:15:08.133
2024-11-21T06:46:33.363
Modified
CVSSv3.1: 9.8 (CRITICAL)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | sonicwall | sma_6200_firmware | 12.4.0 | Yes |
| Operating System | sonicwall | sma_6200_firmware | 12.4.1 | Yes |
| Hardware | sonicwall | sma_6200 | - | No |
| Operating System | sonicwall | sma_6210_firmware | 12.4.0 | Yes |
| Operating System | sonicwall | sma_6210_firmware | 12.4.1 | Yes |
| Hardware | sonicwall | sma_6210 | - | No |
| Operating System | sonicwall | sma_7200_firmware | 12.4.0 | Yes |
| Operating System | sonicwall | sma_7200_firmware | 12.4.1 | Yes |
| Hardware | sonicwall | sma_7200 | - | No |
| Operating System | sonicwall | sma_7210_firmware | 12.4.0 | Yes |
| Operating System | sonicwall | sma_7210_firmware | 12.4.1 | Yes |
| Hardware | sonicwall | sma_7210 | - | No |
| Operating System | sonicwall | sma_8000v_firmware | 12.4.0 | Yes |
| Operating System | sonicwall | sma_8000v_firmware | 12.4.1 | Yes |
| Hardware | sonicwall | sma_8000v | - | No |