{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-3470", "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "state": "PUBLISHED", "assignerShortName": "sonicwall", "dateReserved": "2026-03-03T10:00:16.245Z", "datePublished": "2026-03-31T20:19:38.338Z", "dateUpdated": "2026-03-31T20:34:15.574Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "shortName": "sonicwall", "dateUpdated": "2026-03-31T20:19:38.338Z"}, "datePublic": "2026-03-31T06:00:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-20", "description": "CWE-20 Improper input validation", "type": "CWE"}]}], "affected": [{"vendor": "SonicWall", "product": "Email Security", "platforms": ["Linux", "Windows"], "versions": [{"status": "affected", "version": "10.0.34.8215 and earlier versions"}, {"status": "affected", "version": "10.0.34.8223 and earlier versions"}], "defaultStatus": "unknown"}], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database."}]}], "references": [{"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002", "tags": ["vendor-advisory"]}], "credits": [{"lang": "en", "value": "Brian Mariani of DigitalCanion SA - www.digitalcanion.com", "type": "finder"}], "source": {"advisory": "SNWLID-2026-0002", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T20:34:11.598748Z", "id": "CVE-2026-3470", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T20:34:15.574Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.8, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-3470", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T20:34:11.598748Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T20:34:08.852Z"}}], "cna": {"source": {"advisory": "SNWLID-2026-0002", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Brian Mariani of DigitalCanion SA - www.digitalcanion.com"}], "affected": [{"vendor": "SonicWall", "product": "Email Security", "versions": [{"status": "affected", "version": "10.0.34.8215 and earlier versions"}, {"status": "affected", "version": "10.0.34.8223 and earlier versions"}], "platforms": ["Linux", "Windows"], "defaultStatus": "unknown"}], "datePublic": "2026-03-31T06:00:00.000Z", "references": [{"url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database.", "supportingMedia": [{"type": "text/html", "value": "A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20 Improper input validation"}]}], "providerMetadata": {"orgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "shortName": "sonicwall", "dateUpdated": "2026-03-31T20:19:38.338Z"}}}, "cveMetadata": {"cveId": "CVE-2026-3470", "state": "PUBLISHED", "dateUpdated": "2026-03-31T20:34:15.574Z", "dateReserved": "2026-03-03T10:00:16.245Z", "assignerOrgId": "44b2ff79-1416-4492-88bb-ed0da00c7315", "datePublished": "2026-03-31T20:19:38.338Z", "assignerShortName": "sonicwall"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption, allowing a remote authenticated attacker as admin user could exploit this issue by providing crafted input that corrupts application database."}], "id": "CVE-2026-3470", "lastModified": "2026-04-01T14:23:37.727", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.8, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 2.5, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-31T21:16:33.363", "references": [{"source": "PSIRT@sonicwall.com", "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002"}], "sourceIdentifier": "PSIRT@sonicwall.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "PSIRT@sonicwall.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": ["linux", "windows"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,10.0.34.8215]"}}, {"platform": ["linux", "windows"], "status": "affected", "versions": {"scheme": "generic", "value": "[0,10.0.34.8223]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "matching", "scores": [{"score": 100.0, "source": "matching"}]}, "original": {"product": "Email Security", "source": "cna", "vendor": "SonicWall"}, "product": "email_security", "vendor": "sonicwall"}], "analysis": {"en": {"generated_at": "2026-04-01T06:41:59.093244+00:00", "value": {"mitigation_remediation": ["Review the SonicWall PSIRT advisory and apply the available patch or upgrade appliance firmware.", "If a patch is not yet available, restrict admin access to trusted networks and enforce strong authentication.", "Monitor the Email Security appliance logs for unexpected database changes or corruption events.", "Verify database integrity and perform regular backups to mitigate data loss."], "summary": {"action": "Apply Patch", "impact": "Data corruption of the application database"}, "threat_synthesis": {"affected_systems": "The affected product is the SonicWall Email Security appliance. No specific firmware or software version numbers are listed in the advisory, but all installations of this appliance are considered vulnerable until a patch or update is applied.", "description_and_impact": "An incorrect input sanitization check in SonicWall Email Security allows a remote authenticated attacker with administrative privileges to submit crafted data that corrupts the appliance\u2019s database. Because the vulnerability stems from improper input validation (CWE\u201120), the attacker can potentially disrupt the integrity of stored information and cause denial of service by rendering database records unusable. This loss of data integrity jeopardizes the reliability of the email security service and could result in missed or improperly filtered communications.", "risk_and_exploitability": "The CVSS score of 3.8 reflects a low\u2011to\u2011moderate severity. Exploitation requires remote access to the appliance and an authenticated admin account, implying that the attacker must already possess privileged credentials or compromise account credentials. Because EPSS data and KEV status are unavailable, it is unclear how widespread exploitation has occurred. The vulnerability is not listed in CISA\u2019s KEV, suggesting no confirmed public exploitation yet, but the low CVSS score does not preclude usage in targeted attacks. The primary attack vector is inferred to be over the management interface or API, given the need for remote authenticated input."}}}}, "created": "2026-04-02T07:52:54.534915+00:00", "updated": "2026-04-02T20:10:51.235700+00:00", "vendors": ["sonicwall", "sonicwall$PRODUCT$email_security"]}