Vulnerability Details CVE-2022-1702
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accept a user-controlled input that specifies a link to an external site and uses that link in a redirect which leads to Open redirection vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 77.0%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 5.8
References
Products affected by CVE-2022-1702
-
cpe:2.3:h:sonicwall:sma_6200:-
-
cpe:2.3:h:sonicwall:sma_6210:-
-
cpe:2.3:h:sonicwall:sma_7200:-
-
cpe:2.3:h:sonicwall:sma_7210:-
-
cpe:2.3:h:sonicwall:sma_8000v:-
-
cpe:2.3:o:sonicwall:sma_6200_firmware:12.4.0
-
cpe:2.3:o:sonicwall:sma_6200_firmware:12.4.1
-
cpe:2.3:o:sonicwall:sma_6210_firmware:12.4.0
-
cpe:2.3:o:sonicwall:sma_6210_firmware:12.4.1
-
cpe:2.3:o:sonicwall:sma_7200_firmware:12.4.0
-
cpe:2.3:o:sonicwall:sma_7200_firmware:12.4.1
-
cpe:2.3:o:sonicwall:sma_7210_firmware:12.4.0
-
cpe:2.3:o:sonicwall:sma_7210_firmware:12.4.1
-
cpe:2.3:o:sonicwall:sma_8000v_firmware:12.4.0
-
cpe:2.3:o:sonicwall:sma_8000v_firmware:12.4.1