SonicWall urges customers to patch critical SQL injection bug ASAP

SonicWall GMS and Analytics are vulnerable to an SQL injection bug, tracked as CVE-2022-22280. The post SonicWall urges customers to patch critical SQL injection bug ASAP appeared first on Malwarebytes Labs.

Malwarebytes

Cybersecurity hardware company, SonicWall, recently released a public security notice about a critical SQL injection flaw affecting its GMS (Global Management System) and Analytics On-Prem products.

The flaw, which is tracked as CVE-2022-22280, has been given a critical rating of 9.4. Alongside its high potential for damage, the vulnerability has low attack complexity, meaning that anyone with a little SQL injection know-how can pull it off. CVE-2022-22280 can be exploited from the network, requires no user interaction, and requires no authentication.

“SonicWall PSIRT is not aware of active exploitation in the wild. No reports of a proof of concept (PoC) have been made public, and malicious use of this vulnerability has not been reported to SonicWall,” said SonicWall in the security notice.

SonicWall PSIRT strongly suggests that organizations using the Analytics On-Prem version outlined below should upgrade to the respective patched version immediately.

~ SonicWall advisory

Clients using Analytics 2.5.0.3-2520 or earlier and/or GMS 9.3.1-SP2-Hotfix1 or earlier are advised to update to their patched versions, Analytics 2.5.0.3-2520-Hotfix1 and GMS 9.3.1-SP2-Hotfix-2, respectively.

While there are no workarounds for this vulnerability in either affected product, SonicWall advises clients to deploy a Web Application Firewall (WAF) to protect their web applications from common exploits and vulnerabilities, including SQL injection.

An SQL injection (SQLi) is a well-known, old-school injection attack that has been around for more than 15 years. Threat actors normally use it to exploit security gaps in websites. An SQL injection can be carried out with automated tools, such as Havij, or by manually entering crafted SQL code into forms or text boxes, such as a website’s search box.

SQLi has remained the number one threat to websites for years, according to records from the Open Web Application Security Project (OWASP). This non-profit organization regularly publishes a list of the top 10 threats against web applications. Although broken access control dethroned injection in the 2021 list, injection remains in the top 3.
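To make concrete what "improper neutralization of special elements used in an SQL command" means, here is an added example (not code from the article or from SonicWall's products) that builds a constructed in-memory SQLite user table and compares a login check that concatenates user input into the statement with one that uses parameterized queries; the table, credentials and input values are all made up for the demonstration.

```python
import sqlite3


def make_db():
    # Constructed sample user store standing in for an application's database.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    conn.commit()
    return conn


def login_vulnerable(conn, name, password):
    # Special elements (quotes, keywords) in the inputs are not neutralized:
    # they become part of the SQL statement text itself (CWE-89).
    sql = (
        "SELECT COUNT(*) FROM users "
        f"WHERE name = '{name}' AND password = '{password}'"
    )
    return conn.execute(sql).fetchone()[0] > 0


def login_parameterized(conn, name, password):
    # Placeholders hand the values to the driver separately from the
    # statement, so a quote in the input is only ever compared as data.
    sql = "SELECT COUNT(*) FROM users WHERE name = ? AND password = ?"
    return conn.execute(sql, (name, password)).fetchone()[0] > 0


def demo():
    # Returns the outcome of each check so the difference is visible:
    # the tautology input authenticates against the concatenated query
    # but is treated as a literal (and rejected) by the parameterized one.
    conn = make_db()
    tautology = "' OR '1'='1"
    return {
        "vuln_good_creds": login_vulnerable(conn, "alice", "correct-horse"),
        "vuln_bad_creds": login_vulnerable(conn, "alice", "wrong"),
        "vuln_tautology": login_vulnerable(conn, "alice", tautology),
        "param_good_creds": login_parameterized(conn, "alice", "correct-horse"),
        "param_tautology": login_parameterized(conn, "alice", tautology),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The WAF SonicWall recommends can only filter inputs that look like the tautology above; parameterization removes the flaw at the source, which is why the advisory asks for the patched versions rather than a filter alone.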

Related news

CVE-2022-22280

Improper Neutralization of Special Elements used in an SQL Command leading to Unauthenticated SQL Injection vulnerability, impacting SonicWall GMS 9.3.1-SP2-Hotfix1, Analytics On-Prem 2.5.0.3-2520 and earlier versions.

SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products

Network security company SonicWall on Friday rolled out fixes to mitigate a critical SQL injection (SQLi) vulnerability affecting its Analytics On-Prem and Global Management System (GMS) products. The vulnerability, tracked as CVE-2022-22280, is rated 9.4 for severity on the CVSS scoring system and stems from what the company describes is an "improper neutralization of special elements" used in