Lucene search
SophosCVELIST:CVE-2022-0386HistoryMar 21, 2022 - 11:45 p.m.
CVE-2022-0386
2022-03-2123:45:14
Sophos
www.cve.org
10
sql injection
mail manager
sophos utm
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
38.0%
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.
CNA Affected
[
{
"product": "Sophos UTM",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.710",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Sql injection
2022-03-22 00:15:00
nvd
nvd
CVE-2022-0386
2022-03-22 00:15:08
githubexploit
githubexploit
Exploit for SQL Injection in Sophos Unified Threat Management
2023-05-09 08:11:58
cve
cve
CVE-2022-0386
2022-03-22 00:15:08
threatpost
threatpost
Critical Sophos Security Bug Allows RCE on Firewalls
2022-03-28 17:33:43
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
38.0%
Related for CVELIST:CVE-2022-0386