Unified Threat Management@* Security Vulnerabilities and Issues — Unified Threat Management@* CVE List

Lucene search

SophosUnified Threat Management*

4 matches found

CVE•added 2020/09/25 4:23 a.m.•967 views

CVE-2020-25223

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11

10CVSS9.6AI score0.94415EPSS

CVE•added 2022/03/22 12:15 a.m.•102 views

CVE-2022-0652

Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.

7.8CVSS7.7AI score0.00046EPSS

CVE•added 2022/03/22 12:15 a.m.•87 views

CVE-2022-0386

A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.

8.8CVSS8.9AI score0.00342EPSS

CVE•added 2021/07/29 8:15 p.m.•66 views

CVE-2021-25273

Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.

4.8CVSS4.9AI score0.00225EPSS