CVE-2022-42889 - any SNWL products affected?
BWC Cybersecurity Overlord ✭✭✭
in Water Cooler
It's exceptional silent about this current CVE-2022-42889 which has a nice score of 9.8.
Is any SNWL product, which heavily relies on Java, affected? Possible candidates are Email Security, SMA 1000 series, GMS and probably NSM and Analytics as well?
@Ena @Micah do you have any insights?
Category: Water Cooler
Hey! You will be signed out in 60 seconds due to inactivity. Click here to continue using the site.
@TKWITS as usual, radio silence. I know PSIRT yada yada yada, but at least Partners should be informed properly first to assess the Situation.
commons-text is listed over here, so my guess is that it is still used or was used before.
As usual silence 😏
SonicWall's Product Security Incident Response Team (PSIRT) recently published the following: https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022
@micah - SonicWall's Self-Service Sr. Manager
Thanks @Micah it's a relief to see that the public facing services like Email Security and SMA 1000 are not impacted, hopefully that will not change later on.