PT-2022-15319 · SMA 100 Series, SRA
Published: 2022-03-17 · Updated: 2024-08-03
CVE-2022-22273
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
SRA versions 8.x through 9.0.0.5-19sv
SMA 100 series products versions 9.0.0.9-26sv and earlier
Description
The vulnerability is an improper neutralization of special elements that leads to OS command injection. It affects end-of-life Secure Remote Access (SRA) products and older firmware versions of Secure Mobile Access (SMA) 100 series products.
Recommendations
For SRA versions 8.x through 9.0.0.5-19sv, update to a version later than 9.0.0.5-19sv to resolve the issue.
For SMA 100 series products versions 9.0.0.9-26sv and earlier, update to a version later than 9.0.0.9-26sv to resolve the issue.
As a temporary workaround, consider restricting access to the vulnerable components of the SRA and SMA 100 series products until a patch is available.
Fix
OS Command Injection
Affected Products
SMA 100 Series
SRA