Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
SophosUnified Threat Management

2 matches found

CVE
CVEadded 2022/03/22 12:15 a.m.102 views

CVE-2022-0652

Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.

7.8CVSS7.7AI score0.00046EPSS
CVE
CVEadded 2022/03/22 12:15 a.m.87 views

CVE-2022-0386

A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.

8.8CVSS8.9AI score0.00342EPSS