What is the sonicwall CNA?
sonicwall is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 172 CVE records since 2018.
How many CVEs has sonicwall published?
sonicwall has published 172 CVE records, including 50 in the last two years.
What is sonicwall's CVE data quality grade?
RadicalNotion.AI grades sonicwall's CVE data quality as C, with an overall completeness score of 75.6%. This reflects how consistently its CVE records include vendor (100%), product (100%), CVSS (2.3%), and CWE (100%) information.
What products does sonicwall publish CVEs for?
sonicwall most frequently publishes CVEs for SonicOS, sma 410 firmware, sma 210 firmware, tz370, SMA 210.
Which vendors does sonicwall cover?
sonicwall publishes CVEs across 2 distinct vendors, most often SonicWall, microsoft.
Is sonicwall actively publishing CVEs?
sonicwall is currently active, based on 50 CVEs in the last two years.
What is the average severity of sonicwall's CVEs?
The average CVSS base score across sonicwall's scored CVEs is 7.4.
How many critical CVEs has sonicwall published?
sonicwall has published 14 critical-severity CVEs and 46 high-severity CVEs.
Are any of sonicwall's CVEs in CISA's Known Exploited Vulnerabilities catalog?
Yes. 15 of sonicwall's CVEs are listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, meaning they are confirmed to be exploited in the wild.
What are the most common weakness types in sonicwall's CVEs?
sonicwall's CVEs most often map to these CWE weakness types: CWE-121 (Stack-based Buffer Overflow), CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')), CWE-89 (Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')), CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')).
How does sonicwall rank among CNAs?
By total CVE volume, sonicwall ranks #91 of 370 CNAs, and it reports more complete CVE records than 25% of all CNAs.
