1. CVE-Search
  2. CVE-2022-31790
ID CVE-2022-31790
Summary WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.
References
Vulnerable Configurations
  • cpe:2.3:o:watchguard:fireware:12.8.0:u1:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.8.0:u1:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.7.2:u2:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.7.2:u2:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.7.1:*:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.7.1:*:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.7.0:u1:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.7.0:u1:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.6.3:*:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.6.3:*:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.6.4:*:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.6.1:u3:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.6.1:u3:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.6.1:u1:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.6.1:u1:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.2.0:*:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.5.7:-:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.5.7:-:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.5.7:u1:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.5.7:u1:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.5.7:u2:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.5.7:u2:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.5.9:-:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.5.9:u1:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.0.0:*:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:-:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u1:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u2:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u3:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u4:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u5:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u6:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u7:*:*:*:*:*:*
  • cpe:2.3:o:watchguard:fireware:12.1.3:u8:*:*:*:*:*:*
    cpe:2.3:o:watchguard:fireware:12.1.3:u8:*:*:*:*:*:*
CVSS
Base: None
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
Impact
ConfidentialityIntegrityAvailability
Last major update 10-09-2022 - 03:19
Published 06-09-2022 - 18:15
Last modified 10-09-2022 - 03:19
Back to Top