SonicWall Analytics On-Prem contains a SQL Injection vulnerability (CVE-2022-22280).

SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a proof of concept (PoC) have been made public, and malicious use of this vulnerability has not been reported to SonicWall.

Impact

CVE-2022-22280 is a critical vulnerability (CVSS 9.4) classified as Improper Neutralization of Special Elements used in a SQL command (SQL Injection) in SonicWall Analytics On-Prem.
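To make the weakness class concrete, the following added example (not SonicWall's code and unrelated to the Analytics On-Prem code base) shows the general CWE-89 pattern: a query built by string concatenation beside the same lookup written with a bound parameter. The table, user names and inputs are constructed for the illustration; only the contrast between the two query styles is the point.

```python
import sqlite3


def make_db():
    # Constructed sample data: an in-memory table standing in for any
    # application database; this is not SonicWall's schema.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, role TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "admin"), ("bob", "viewer")],
    )
    return conn


def lookup_vulnerable(conn, name):
    # CWE-89: untrusted input is spliced into the SQL text, so quote
    # characters in `name` can change the structure of the statement.
    sql = "SELECT name, role FROM users WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, name):
    # Hardened form: the driver binds `name` as a value, so whatever it
    # contains is compared as data and never parsed as SQL.
    sql = "SELECT name, role FROM users WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def demo():
    # Runs both lookups against a benign name and against a constructed
    # input containing a quote, and returns the four result sets so the
    # difference in behaviour can be checked rather than just printed.
    conn = make_db()
    benign = "alice"
    quoted = "x' OR '1'='1"  # constructed input containing a single quote
    return {
        "vuln_benign": lookup_vulnerable(conn, benign),
        "vuln_quoted": lookup_vulnerable(conn, quoted),
        "safe_benign": lookup_parameterized(conn, benign),
        "safe_quoted": lookup_parameterized(conn, quoted),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

With the concatenated query, the quoted input turns a single-row lookup into a statement that matches every row; with the bound parameter the same input simply matches no user. A WAF, as the mitigation section notes, can reduce the likelihood of such input reaching the query, but the durable fix is the parameterized form, which is what a vendor patch for this weakness class delivers.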

Temporary Mitigations

There is no workaround available for this vulnerability. However, the likelihood of exploitation may be significantly reduced by incorporating a Web Application Firewall (WAF) to block SQLi attempts.

Resolution

SonicWall PSIRT strongly recommends that organizations running the affected Analytics On-Prem version listed below upgrade to the corresponding patched version immediately.

AFFECTED VERSION                      PATCHED VERSION              ADVISORIES
Analytics 2.5.0.3-2520 and earlier    Analytics 2.5.0.3-Hotfix-1

Please reference the following deployment guides for guidance on upgrading Analytics On-Prem deployments:

Please reach out to SonicWall support if you require assistance with the upgrade process.

Resources