SonicWall Analytics On-Prem contains a SQL Injection security vulnerability (CVE-2022-22280).
SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a proof of concept (PoC) have been made public, and malicious use of this vulnerability has not been reported to SonicWall.
Impact
CVE-2022-22280 is a critical vulnerability (CVSS 9.4) that results in an Improper Neutralization of Special Elements used in a SQL command in SonicWall Analytics On-Prem.
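The weakness class named above (CWE-89, improper neutralization of special elements in a SQL command) is shown here with an added, self-contained Python example that is not SonicWall code and says nothing about how Analytics On-Prem builds its queries. It uses a constructed in-memory SQLite table and compares a query that splices untrusted input into the SQL text with the same lookup done through a bound parameter; the function names `lookup_unsafe` and `lookup_safe` and the sample rows are hypothetical.

```python
import sqlite3


def build_db():
    """Constructed sample data (not SonicWall data): a small users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users (name, role) VALUES (?, ?)",
        [("alice", "admin"), ("O'Brien", "analyst"), ("bob", "viewer")],
    )
    conn.commit()
    return conn


def lookup_unsafe(conn, name):
    """CWE-89 pattern: the caller's input becomes part of the SQL text, so a
    special character in `name` (a quote, a comment marker, ...) changes the
    structure of the statement instead of being treated as a plain value."""
    query = "SELECT role FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(query)]


def lookup_safe(conn, name):
    """Hardened form: the SQL text is fixed and the value is passed as a bound
    parameter, so the engine never parses it as SQL. This is the neutralization
    the CWE-89 description asks for."""
    query = "SELECT role FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(query, (name,))]


def demo(name):
    """Run both lookups on the same input and return (unsafe_result, safe_result).
    When the spliced input breaks the statement, the unsafe result is the
    database error text rather than a row list."""
    conn = build_db()
    try:
        unsafe = lookup_unsafe(conn, name)
    except sqlite3.Error as exc:
        unsafe = "error: " + str(exc)
    safe = lookup_safe(conn, name)
    conn.close()
    return unsafe, safe


if __name__ == "__main__":
    # Benign input: both paths agree.
    print(demo("alice"))
    # A legitimate name containing a quote: the concatenated query is no longer
    # the statement the developer wrote, while the parameterized one still works.
    print(demo("O'Brien"))
```

The second call is the point: the unsafe path fails on an ordinary name containing an apostrophe, which shows that the input was parsed as SQL syntax rather than data, and the parameterized path returns the expected row. A WAF, as the Temporary Mitigations section suggests, can filter obvious probes at the edge, but only the bound-parameter form removes the weakness itself.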
Temporary Mitigations
There is no workaround available for this vulnerability. However, the likelihood of exploitation may be significantly reduced by incorporating a Web Application Firewall (WAF) to block SQLi attempts.
Resolution
SonicWall PSIRT strongly suggests that organizations using the Analytics On-Prem version outlined below should upgrade to the respective patched version immediately.
| AFFECTED VERSION | PATCHED VERSION | ADVISORIES |
| --- | --- | --- |
Please reference the following deployment guides for guidance on upgrading Analytics On-Prem deployments:
- SonicWall On-Premises Analytics: ESXi Deployment Guide
- SonicWall On-Premises Analytics: Hyper-V Deployment Guide
- SonicWall On-Premises Analytics: Azure Deployment Guide
Please reach out to SonicWall support if you require assistance with the upgrade process.