VulnCheck KEV: CVE-2023-22897

An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not use...

CVE-2023-22897

An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not use...

PT-2023-18591 · Securepoint · Securepoint Utm

Name of the Vulnerable Software and Affected Versions: SecurePoint UTM versions prior to 12.2.5.1 Description: An issue was discovered in the firewall's endpoint at "/spcgi.cgi" that allows sessionid information disclosure via an invalid authentication attempt. This can be used to bypass the...

PT-2023-18760 · Securepoint · Securepoint Utm

Name of the Vulnerable Software and Affected Versions: SecurePoint UTM versions prior to 12.2.5.1 Description: An issue in the firewall's endpoint at "/spcgi.cgi" allows information disclosure of memory contents to be achieved by an authenticated user. Uninitialized data can be retrieved via an...