All the vulnerabilites related to SonicWall - SonicWall Email Security
cve-2023-0655
Vulnerability from cvelistv5
Published
2023-02-14 00:00
Modified
2024-08-02 05:17
Severity ?
EPSS score ?
Summary
SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| SonicWall | SonicWall Email Security |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:17:50.347Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0002"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicWall Email Security",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.0.19.7431 and earlier versions"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "SonicWall Email Security contains a vulnerability that could permit a remote unauthenticated attacker access to an error page that includes sensitive information about users email addresses."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-209",
"description": "CWE-209: Generation of Error Message Containing Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-02-14T00:00:00",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0002"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2023-0655",
"datePublished": "2023-02-14T00:00:00",
"dateReserved": "2023-02-02T00:00:00",
"dateUpdated": "2024-08-02T05:17:50.347Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-2324
Vulnerability from cvelistv5
Published
2022-07-29 21:05
Modified
2024-08-03 00:32
Severity ?
EPSS score ?
Summary
Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions
References
| ▼ | URL | Tags |
|---|---|---|
| https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0014 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| SonicWall | SonicWall Email Security |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T00:32:09.662Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0014"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SonicWall Email Security",
"vendor": "SonicWall",
"versions": [
{
"status": "affected",
"version": "10.0.17.7319 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-358",
"description": "CWE-358: Improperly Implemented Security Check for Standard",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-07-29T21:05:26",
"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"shortName": "sonicwall"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0014"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "PSIRT@sonicwall.com",
"ID": "CVE-2022-2324",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SonicWall Email Security",
"version": {
"version_data": [
{
"version_value": "10.0.17.7319 and earlier"
}
]
}
}
]
},
"vendor_name": "SonicWall"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improperly Implemented Security Check vulnerability in the SonicWall Hosted Email Security leads to bypass of Capture ATP security service in the appliance. This vulnerability impacts 10.0.17.7319 and earlier versions"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-358: Improperly Implemented Security Check for Standard"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0014",
"refsource": "CONFIRM",
"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0014"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315",
"assignerShortName": "sonicwall",
"cveId": "CVE-2022-2324",
"datePublished": "2022-07-29T21:05:26",
"dateReserved": "2022-07-05T00:00:00",
"dateUpdated": "2024-08-03T00:32:09.662Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}