CVE-2022-22278
Description
A vulnerability in SonicOS CFS (Content filtering service) returns a large 403 forbidden HTTP response message to the source address when users try to access prohibited resource this allows an attacker to cause HTTP Denial of Service (DoS) attack
Related CPE's
CvssV3 impact
Version | 3.1 |
VectorString | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
AttackVector | NETWORK |
AttackComplexity | LOW |
PrivilegesRequired | NONE |
UserInteraction | NONE |
Scope | UNCHANGED |
ConfidentialityImpact | NONE |
IntegrityImpact | NONE |
AvailabilityImpact | HIGH |
BaseScore | 7.5 |
BaseSeverity | HIGH |
CvssV2 impact
Version | 2.0 |
VectorString | AV:N/AC:L/Au:N/C:N/I:N/A:P |
AccessVector | NETWORK |
AccessComplexity | LOW |
Authentication | NONE |
ConfidentialityImpact | NONE |
IntegrityImpact | NONE |
AvailabilityImpact | PARTIAL |
BaseScore | 5 |