{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2022-054.pdf"
    },
    "title": "Critical SQL Injection Vulnerability",
    "serial_number": "2022-054",
    "publish_date": "25-07-2022 14:21:00",
    "description": "On July 21st, 2022, SonicWall released security patches for their Analytics On-Prem and GMS products, addressing a critical SQL injection flaw. Currently, no reports of a proof of concept (PoC) have been made public and there is no active exploitation in the wild. Nevertheless, immediately updating to the patched versions is recommended.",
    "url_title": "2022-054",
    "content_markdown": "---\ntitle: 'Critical SQL Injection Vulnerability'\nversion: '1.0'\nnumber: '2022-054'\noriginal_date: 'July 21, 2022'\ndate: 'July 25, 2022'\n---\n\n_History:_\n\n* _25/07/2022 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn July 21st, 2022, SonicWall released security patches for their **Analytics On-Prem** and **GMS** products, addressing a critical SQL injection flaw [1,2]. Currently, no reports of a proof of concept (PoC) have been made public and there is no active exploitation in the wild.\n\nNevertheless, immediately updating to the patched versions is recommended.\n\n# Technical Details\n\nThe vulnerability is tracked as CVE-2022-22280. It has been rated critical (CVSS 9.4) and allows **unauthenticated SQL injection** due to an Improper Neutralization of Special Elements used in an SQL command, impacting SonicWall GMS and Analytics On-Prem [1,2].\n\n# Affected Products\n\nThe following product versions are affected by this flaw:\n\n- GMS 9.3.1-SP2-Hotfix-1 and earlier\n- Analytics 2.5.0.3-2520 and earlier\n\n# Recommendations\n\nIt is strongly recommended to update to the respective fixed versions:\n\n- GMS 9.3.1-SP2-Hotfix-2\n- Analytics 2.5.0.3-Hotfix-1\n\nAdditionally, SonicWall suggests that the likelihood of exploitation may be significantly reduced by incorporating a Web Application Firewall (WAF) to block SQL injection attempts.\n\n# References\n\n[1] <https://www.sonicwall.com/support/knowledge-base/security-notice-sonicwall-gms-sql-injection-vulnerability/220613083124303/>\n\n[2] <https://www.sonicwall.com/support/notices/security-notice-sonicwall-analytics-on-prem-sql-injection-vulnerability/220613083254037/>\n",
    "content_html": "<p><em>History:</em></p><ul><li><em>25/07/2022 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On July 21st, 2022, SonicWall released security patches for their <strong>Analytics On-Prem</strong> and <strong>GMS</strong> products, addressing a critical SQL injection flaw [1,2]. Currently, no reports of a proof of concept (PoC) have been made public and there is no active exploitation in the wild.</p><p>Nevertheless, immediately updating to the patched versions is recommended.</p><h2 id=\"technical-details\">Technical Details</h2><p>The vulnerability is tracked as CVE-2022-22280. It has been rated critical (CVSS 9.4) and allows <strong>unauthenticated SQL injection</strong> due to an Improper Neutralization of Special Elements used in an SQL command, impacting SonicWall GMS and Analytics On-Prem [1,2].</p><h2 id=\"affected-products\">Affected Products</h2><p>The following product versions are affected by this flaw:</p><ul><li>GMS 9.3.1-SP2-Hotfix-1 and earlier</li><li>Analytics 2.5.0.3-2520 and earlier</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>It is strongly recommended to update to the respective fixed versions:</p><ul><li>GMS 9.3.1-SP2-Hotfix-2</li><li>Analytics 2.5.0.3-Hotfix-1</li></ul><p>Additionally, SonicWall suggests that the likelihood of exploitation may be significantly reduced by incorporating a Web Application Firewall (WAF) to block SQL injection attempts.</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.sonicwall.com/support/knowledge-base/security-notice-sonicwall-gms-sql-injection-vulnerability/220613083124303/\">https://www.sonicwall.com/support/knowledge-base/security-notice-sonicwall-gms-sql-injection-vulnerability/220613083124303/</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.sonicwall.com/support/notices/security-notice-sonicwall-analytics-on-prem-sql-injection-vulnerability/220613083254037/\">https://www.sonicwall.com/support/notices/security-notice-sonicwall-analytics-on-prem-sql-injection-vulnerability/220613083254037/</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}