Vulnerabilites related to sophos - unified_threat_management
cve-2022-0652
Vulnerability from cvelistv5
Published
2022-03-21 23:45
Modified
2024-08-02 23:32
Severity ?
EPSS score ?
Summary
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Sophos | Sophos UTM |
Version: unspecified < 9.710 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:32:46.552Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sophos UTM",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.710",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Confd log files contain local users\u0027, including root\u2019s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-21T23:45:15",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-0652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos UTM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.710"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Confd log files contain local users\u0027, including root\u2019s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-0652",
"datePublished": "2022-03-21T23:45:15",
"dateReserved": "2022-02-16T00:00:00",
"dateUpdated": "2024-08-02T23:32:46.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2016-0777
Vulnerability from cvelistv5
Published
2016-01-14 00:00
Modified
2024-08-05 22:30
Severity ?
EPSS score ?
Summary
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:30:04.441Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/"
},
{
"name": "SUSE-SU-2016:0117",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"name": "APPLE-SA-2016-03-21-5",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
},
{
"name": "20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537295/100/0/threaded"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.apple.com/HT206167"
},
{
"name": "FEDORA-2016-4556904561",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10734"
},
{
"name": "80695",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/80695"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "FreeBSD-SA-16:07",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc"
},
{
"name": "FEDORA-2016-c330264861",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openssh.com/txt/release-7.1p2"
},
{
"name": "openSUSE-SU-2016:0128",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html"
},
{
"name": "FEDORA-2016-2e89eba0c1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bto.bluecoat.com/security-advisory/sa109"
},
{
"name": "1034671",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1034671"
},
{
"name": "openSUSE-SU-2016:0127",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html"
},
{
"name": "GLSA-201601-01",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201601-01"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "[oss-security] 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/7"
},
{
"name": "20160115 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/44"
},
{
"name": "SUSE-SU-2016:0119",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html"
},
{
"name": "SUSE-SU-2016:0118",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html"
},
{
"name": "FEDORA-2016-67c6ef0d4f",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html"
},
{
"name": "SUSE-SU-2016:0120",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html"
},
{
"name": "USN-2869-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2869-1"
},
{
"tags": [
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "DSA-3446",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3446"
},
{
"tags": [
"x_transferred"
],
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-01-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-12-13T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/"
},
{
"name": "SUSE-SU-2016:0117",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html"
},
{
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"name": "APPLE-SA-2016-03-21-5",
"tags": [
"vendor-advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
},
{
"name": "20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778",
"tags": [
"mailing-list"
],
"url": "http://www.securityfocus.com/archive/1/537295/100/0/threaded"
},
{
"url": "https://support.apple.com/HT206167"
},
{
"name": "FEDORA-2016-4556904561",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10734"
},
{
"name": "80695",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/80695"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"name": "FreeBSD-SA-16:07",
"tags": [
"vendor-advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc"
},
{
"name": "FEDORA-2016-c330264861",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"url": "http://www.openssh.com/txt/release-7.1p2"
},
{
"name": "openSUSE-SU-2016:0128",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html"
},
{
"name": "FEDORA-2016-2e89eba0c1",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"
},
{
"url": "https://bto.bluecoat.com/security-advisory/sa109"
},
{
"name": "1034671",
"tags": [
"vdb-entry"
],
"url": "http://www.securitytracker.com/id/1034671"
},
{
"name": "openSUSE-SU-2016:0127",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html"
},
{
"name": "GLSA-201601-01",
"tags": [
"vendor-advisory"
],
"url": "https://security.gentoo.org/glsa/201601-01"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"name": "[oss-security] 20160114 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778",
"tags": [
"mailing-list"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/7"
},
{
"name": "20160115 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778",
"tags": [
"mailing-list"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/44"
},
{
"name": "SUSE-SU-2016:0119",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html"
},
{
"url": "http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html"
},
{
"name": "SUSE-SU-2016:0118",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html"
},
{
"name": "FEDORA-2016-67c6ef0d4f",
"tags": [
"vendor-advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html"
},
{
"name": "SUSE-SU-2016:0120",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html"
},
{
"name": "USN-2869-1",
"tags": [
"vendor-advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2869-1"
},
{
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"name": "DSA-3446",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3446"
},
{
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-0777",
"datePublished": "2016-01-14T00:00:00",
"dateReserved": "2015-12-16T00:00:00",
"dateUpdated": "2024-08-05T22:30:04.441Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0386
Vulnerability from cvelistv5
Published
2022-03-21 23:45
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Sophos | Sophos UTM |
Version: unspecified < 9.710 |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:40.274Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sophos UTM",
"vendor": "Sophos",
"versions": [
{
"lessThan": "9.710",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-21T23:45:14",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2022-0386",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos UTM",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "9.710"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710",
"refsource": "CONFIRM",
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2022-0386",
"datePublished": "2022-03-21T23:45:14",
"dateReserved": "2022-01-26T00:00:00",
"dateUpdated": "2024-08-02T23:25:40.274Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3238
Vulnerability from cvelistv5
Published
2012-07-09 22:00
Modified
2024-09-17 02:12
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.
References
| ▼ | URL | Tags |
|---|---|---|
| http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html | mailing-list, x_refsource_FULLDISC | |
| http://security.inshell.net/advisory/27 | x_refsource_MISC | |
| http://www.astaro.com/en-uk/blog/up2date/8305 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:57:50.365Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120610 [CVE-2012-3238] Astaro Security Gateway \u003c= v8.304 Persistent Cross-Site Scripting Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://security.inshell.net/advisory/27"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.astaro.com/en-uk/blog/up2date/8305"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the \"Comment (optional)\" field."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-07-09T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120610 [CVE-2012-3238] Astaro Security Gateway \u003c= v8.304 Persistent Cross-Site Scripting Vulnerability",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://security.inshell.net/advisory/27"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.astaro.com/en-uk/blog/up2date/8305"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-3238",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the \"Comment (optional)\" field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120610 [CVE-2012-3238] Astaro Security Gateway \u003c= v8.304 Persistent Cross-Site Scripting Vulnerability",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html"
},
{
"name": "http://security.inshell.net/advisory/27",
"refsource": "MISC",
"url": "http://security.inshell.net/advisory/27"
},
{
"name": "http://www.astaro.com/en-uk/blog/up2date/8305",
"refsource": "CONFIRM",
"url": "http://www.astaro.com/en-uk/blog/up2date/8305"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-3238",
"datePublished": "2012-07-09T22:00:00Z",
"dateReserved": "2012-06-06T00:00:00Z",
"dateUpdated": "2024-09-17T02:12:02.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-25273
Vulnerability from cvelistv5
Published
2021-07-29 19:17
Modified
2024-08-03 19:56
Severity ?
EPSS score ?
Summary
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
References
| ▼ | URL | Tags |
|---|---|---|
| https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released | x_refsource_CONFIRM | |
| http://seclists.org/fulldisclosure/2021/Dec/3 | mailing-list, x_refsource_FULLDISC |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ▼ | Sophos | Sophos UTM |
Version: unspecified < |
|
|
|||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:56:11.066Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released"
},
{
"name": "20211203 usd AG Security Advisories 11/2021",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Sophos UTM",
"vendor": "Sophos",
"versions": [
{
"lessThanOrEqual": "9.705",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Daniel Hoffmann, usd AG"
}
],
"descriptions": [
{
"lang": "en",
"value": "Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-03T18:06:08",
"orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"shortName": "Sophos"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released"
},
{
"name": "20211203 usd AG Security Advisories 11/2021",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security-alert@sophos.com",
"ID": "CVE-2021-25273",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Sophos UTM",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_value": "9.705"
}
]
}
}
]
},
"vendor_name": "Sophos"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Daniel Hoffmann, usd AG"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released",
"refsource": "CONFIRM",
"url": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released"
},
{
"name": "20211203 usd AG Security Advisories 11/2021",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Dec/3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
"assignerShortName": "Sophos",
"cveId": "CVE-2021-25273",
"datePublished": "2021-07-29T19:17:34",
"dateReserved": "2021-01-15T00:00:00",
"dateUpdated": "2024-08-03T19:56:11.066Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-25223
Vulnerability from cvelistv5
Published
2020-09-25 00:00
Modified
2024-08-04 15:33
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T15:33:05.408Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.sophos.com/b/security-blog"
},
{
"tags": [
"x_transferred"
],
"url": "https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/164697/Sophos-UTM-WebAdmin-SID-Command-Injection.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.secpod.com/blog/remote-code-execution-in-sophos-utm/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-17T16:44:31.177569",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"url": "https://community.sophos.com/b/security-blog"
},
{
"url": "https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223"
},
{
"url": "http://packetstormsecurity.com/files/164697/Sophos-UTM-WebAdmin-SID-Command-Injection.html"
},
{
"url": "https://www.secpod.com/blog/remote-code-execution-in-sophos-utm/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-25223",
"datePublished": "2020-09-25T00:00:00",
"dateReserved": "2020-09-10T00:00:00",
"dateUpdated": "2024-08-04T15:33:05.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2537
Vulnerability from cvelistv5
Published
2014-03-18 14:00
Modified
2024-08-06 10:14
Severity ?
EPSS score ?
Summary
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id/1029920 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/57344 | third-party-advisory, x_refsource_SECUNIA | |
| http://blogs.sophos.com/2014/02/20/utm-up2date-9-109/ | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/66231 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:14:26.610Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1029920",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1029920"
},
{
"name": "57344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/57344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://blogs.sophos.com/2014/02/20/utm-up2date-9-109/"
},
{
"name": "66231",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/66231"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-02-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-03-27T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1029920",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1029920"
},
{
"name": "57344",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/57344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://blogs.sophos.com/2014/02/20/utm-up2date-9-109/"
},
{
"name": "66231",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/66231"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1029920",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1029920"
},
{
"name": "57344",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/57344"
},
{
"name": "http://blogs.sophos.com/2014/02/20/utm-up2date-9-109/",
"refsource": "CONFIRM",
"url": "http://blogs.sophos.com/2014/02/20/utm-up2date-9-109/"
},
{
"name": "66231",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/66231"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2537",
"datePublished": "2014-03-18T14:00:00",
"dateReserved": "2014-03-18T00:00:00",
"dateUpdated": "2024-08-06T10:14:26.610Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2022-03-22 00:15
Modified
2024-11-21 06:38
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | unified_threat_management | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1930A0C8-5884-42E6-856D-F66B137FEEB5",
"versionEndExcluding": "9.710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710."
},
{
"lang": "es",
"value": "Una vulnerabilidad de inyecci\u00f3n SQL posterior a la autenticaci\u00f3n en Mail Manager permite potencialmente a un atacante autenticado ejecutar c\u00f3digo en Sophos UTM versiones anteriores a 9.710"
}
],
"id": "CVE-2022-0386",
"lastModified": "2024-11-21T06:38:30.870",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "security-alert@sophos.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-22T00:15:08.277",
"references": [
{
"source": "security-alert@sophos.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"sourceIdentifier": "security-alert@sophos.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-07-29 20:15
Modified
2024-11-21 05:54
Severity ?
Summary
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| security-alert@sophos.com | http://seclists.org/fulldisclosure/2021/Dec/3 | Exploit, Mailing List, Third Party Advisory | |
| security-alert@sophos.com | https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released | Release Notes, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://seclists.org/fulldisclosure/2021/Dec/3 | Exploit, Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released | Release Notes, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | unified_threat_management | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2957C11D-35F2-4C1D-B27E-14912B493EEC",
"versionEndExcluding": "9.706",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706."
},
{
"lang": "es",
"value": "Una vulnerabilidad de tipo XSS almacenado puede ejecutarse como administrador en la visualizaci\u00f3n de detalles del correo electr\u00f3nico en cuarentena en Sophos UTM versiones anteriores a 9.706"
}
],
"id": "CVE-2021-25273",
"lastModified": "2024-11-21T05:54:39.497",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.7,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-07-29T20:15:07.580",
"references": [
{
"source": "security-alert@sophos.com",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/3"
},
{
"source": "security-alert@sophos.com",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2021/Dec/3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "https://community.sophos.com/utm-firewall/b/blog/posts/utm-up2date-9-706-released"
}
],
"sourceIdentifier": "security-alert@sophos.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-07-09 22:55
Modified
2024-11-21 01:40
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the "Comment (optional)" field.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:astaro:security_gateway_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "420C1976-6941-4155-A253-0F4CF42254D0",
"versionEndIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:astaro:security_gateway:*:*:*:*:*:*:*:*",
"matchCriteriaId": "92DE340A-A359-42F6-98FC-5105637C1DEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A220989E-3634-4CF9-B1A0-75260DDF4121",
"versionEndIncluding": "8.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D7BF2E-1DEB-474A-8DEE-0A2D1A9B1A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:120:*:*:*:*:*:*:*",
"matchCriteriaId": "CE59783E-6A2D-4777-9BA2-8527DA6B32BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:220:*:*:*:*:*:*:*",
"matchCriteriaId": "646FEB9F-2F54-4946-9687-C2EC28144C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:320:*:*:*:*:*:*:*",
"matchCriteriaId": "57654458-F143-4D70-9D52-0A242F3177A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:425:*:*:*:*:*:*:*",
"matchCriteriaId": "A6527EC0-536E-4BF0-9949-8FA4A4E64688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:525:*:*:*:*:*:*:*",
"matchCriteriaId": "21A9EA52-E9F1-4267-86BC-570ED1ECC7B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:625:*:*:*:*:*:*:*",
"matchCriteriaId": "280976E2-D7A8-43B7-A57C-66920BC91DAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 allows remote attackers to inject arbitrary web script or HTML via the \"Comment (optional)\" field."
},
{
"lang": "es",
"value": "vulnerabilidad de ejecuci\u00f3n de secuencias de comandos en sitios cruzados (XSS) en el componente Backup/Restore en WebAdmin en Astaro Security Gateway anteriores a v8.305, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del campo \"Comment (opcional)\"."
}
],
"id": "CVE-2012-3238",
"lastModified": "2024-11-21T01:40:29.847",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-07-09T22:55:01.197",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://security.inshell.net/advisory/27"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.astaro.com/en-uk/blog/up2date/8305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2012-06/0206.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://security.inshell.net/advisory/27"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.astaro.com/en-uk/blog/up2date/8305"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2016-01-14 22:59
Modified
2024-11-21 02:42
Severity ?
Summary
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.318:*:*:*:*:*:*:*",
"matchCriteriaId": "EFA93870-577B-4D53-A61D-22E024F96B16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*",
"matchCriteriaId": "9857D3A8-7942-4624-B3D6-9943D34030B8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D7BF2E-1DEB-474A-8DEE-0A2D1A9B1A77",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:120:*:*:*:*:*:*:*",
"matchCriteriaId": "CE59783E-6A2D-4777-9BA2-8527DA6B32BA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:220:*:*:*:*:*:*:*",
"matchCriteriaId": "646FEB9F-2F54-4946-9687-C2EC28144C97",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:320:*:*:*:*:*:*:*",
"matchCriteriaId": "57654458-F143-4D70-9D52-0A242F3177A1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:425:*:*:*:*:*:*:*",
"matchCriteriaId": "A6527EC0-536E-4BF0-9949-8FA4A4E64688",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:525:*:*:*:*:*:*:*",
"matchCriteriaId": "21A9EA52-E9F1-4267-86BC-570ED1ECC7B1",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:625:*:*:*:*:*:*:*",
"matchCriteriaId": "280976E2-D7A8-43B7-A57C-66920BC91DAB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*",
"matchCriteriaId": "104DA87B-DEE4-4262-AE50-8E6BC43B228B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*",
"matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "52D13E08-7B08-44AA-9017-3EE3F6301E10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "727CC471-6473-4C8D-8D1A-D8B3C6AB21CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2FBC7FF1-01EE-40A1-8735-14360A371803",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "4CEDBF5F-23BD-4A60-926A-B822D5E3BFB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*",
"matchCriteriaId": "987527F8-8A42-4729-A329-4D2AC8AFD6E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "CAF922B2-2FE6-4401-A4F1-914C637F5450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*",
"matchCriteriaId": "93910448-8D6F-4F7E-9C7F-959754ABA50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "4ECE74F4-8E7B-42FA-A2DD-2EE0681DA4B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3356FDFD-BEA5-45A5-A36B-D1153AFE6C23",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "AA9D704A-D1E7-4989-9136-1EAD72EF6BE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9394B8AD-AB22-4955-8774-C6BA2B56A260",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "78735121-6BA0-4158-B3D5-E4BACCA5E95A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*",
"matchCriteriaId": "0C5D4A9B-1194-4D63-AAC2-8701C890BB0D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "270BABBA-70A8-4FC7-962D-0D0D40F4497F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*",
"matchCriteriaId": "F75DB5AE-E99D-4827-B290-823E015AEE34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "A710EC9F-1352-4DF0-B1CF-9C51ACB078CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*",
"matchCriteriaId": "DA4F797B-8E2C-41AC-AA29-D6B50A539B2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "7F482203-0CF1-403C-A25C-9B0DA24F6282",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*",
"matchCriteriaId": "1E74684E-71D3-4458-A8BA-5248982273F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*",
"matchCriteriaId": "9F3D478C-221F-4A07-8520-CD8856A75DCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A9754B4A-3042-49B8-86F7-2D60E25400C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "B018B05B-1311-4E0F-A9D0-620C1BF904A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3872787F-2C1C-40C0-B9CF-A3C0CEAAB400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "728372F8-6561-473D-B54D-1DB41DA1CF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "39D1E296-3040-4CC9-B95B-3E07D73F1150",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*",
"matchCriteriaId": "11BDA49F-C3E7-4D32-8105-E75525BFB2D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*",
"matchCriteriaId": "CE153B9F-721D-42ED-A662-C2597B7BF073",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "FCEE2677-16EE-484F-B2FB-FCA377E0D76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*",
"matchCriteriaId": "254243DD-2E3E-48ED-A92C-8F4FD405DA57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "90798B9A-A1C6-4EC5-96BF-AF9C6FEFB63D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*",
"matchCriteriaId": "BCF734D8-1F01-498C-A917-5B528BFD9CAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5A8ABE51-1535-44D9-B2A1-CC91021A29D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*",
"matchCriteriaId": "492F661C-45E4-4B9B-AD26-1873D91DBEA6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "546EB570-C2AC-473B-BED8-C47167D2593A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*",
"matchCriteriaId": "CA2C8269-9C66-4E41-A56C-ACC709DC2053",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "64382F2C-15AC-41FE-A936-CEB44C1AFB9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*",
"matchCriteriaId": "20B099B9-3D7E-47A4-94A5-B89759189D26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "65A8629A-CFAE-4403-BEE7-622912483702",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*",
"matchCriteriaId": "50836FA3-8116-4D58-B73E-B4830FB3A551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "D0607649-62FE-41CB-9444-53CD9C5B67C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*",
"matchCriteriaId": "3397D8DC-3410-401F-8854-BFCC35AD6686",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0B0FB8D5-75CB-4691-AB9F-B4FA46973421",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*",
"matchCriteriaId": "42DCED2D-76C5-49D1-A72D-E578CF686F5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "67E1B240-BD86-41D3-BAC1-96005CB31DEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*",
"matchCriteriaId": "4BFC8587-FB9E-4FE2-B725-81CE3CE590F8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:hp:remote_device_access_virtual_customer_access_system:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E172D760-1D72-4712-8A80-E9FB5B076E7F",
"versionEndIncluding": "15.07",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D3C6DA6A-9C87-4B7B-A52D-A66276B5DE82",
"versionEndIncluding": "10.11.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key."
},
{
"lang": "es",
"value": "La funci\u00f3n resend_bytes en roaming_common.c en el cliente en OpenSSH 5.x, 6.x y 7.x en versiones anteriores a 7.1p2 permite a servidores remotos obtener informaci\u00f3n sensible desde la memoria de proceso mediante la petici\u00f3n de transmisi\u00f3n de un buffer completo, seg\u00fan lo demostrado mediante la lectura de una clave privada."
}
],
"id": "CVE-2016-0777",
"lastModified": "2024-11-21T02:42:21.607",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2016-01-14T22:59:01.140",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10734"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/44"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3446"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openssh.com/txt/release-7.1p2"
},
{
"source": "secalert@redhat.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/7"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/537295/100/0/threaded"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/80695"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034671"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2869-1"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa109"
},
{
"source": "secalert@redhat.com",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201601-01"
},
{
"source": "secalert@redhat.com",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT206167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://seclists.org/fulldisclosure/2016/Jan/44"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2016/dsa-3446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.openssh.com/txt/release-7.1p2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2016/01/14/7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/537295/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/80695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1034671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.ubuntu.com/usn/USN-2869-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://bto.bluecoat.com/security-advisory/sa109"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201601-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT206167"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2022-03-22 00:15
Modified
2024-11-21 06:39
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | unified_threat_management | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1930A0C8-5884-42E6-856D-F66B137FEEB5",
"versionEndExcluding": "9.710",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Confd log files contain local users\u0027, including root\u2019s, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710."
},
{
"lang": "es",
"value": "Los archivos de registro de Confd contienen hashes de contrase\u00f1as SHA512crypt de usuarios locales, incluido el root, con permisos de acceso no seguros. Esto permite a un atacante local intentar ataques de fuerza bruta fuera de l\u00ednea contra estos hashes de contrase\u00f1as en Sophos UTM versiones anteriores a 9.710"
}
],
"id": "CVE-2022-0652",
"lastModified": "2024-11-21T06:39:06.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 1.4,
"source": "security-alert@sophos.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-03-22T00:15:08.327",
"references": [
{
"source": "security-alert@sophos.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20220321-utm-9710"
}
],
"sourceIdentifier": "security-alert@sophos.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-532"
},
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-03-18 17:04
Modified
2024-11-21 02:06
Severity ?
Summary
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B723C1C6-CBF1-45DB-AB69-C3385E7BD7E4",
"versionEndIncluding": "9.108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "BCB0AEA3-97F9-4FCA-940C-7798AC38A748",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.007:*:*:*:*:*:*:*",
"matchCriteriaId": "C80BE400-A887-4E12-9439-7939710234E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management_software:9.107:*:*:*:*:*:*:*",
"matchCriteriaId": "B77FD3BC-FA41-4F35-8B14-90D2BC1AD893",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:110:*:*:*:*:*:*:*",
"matchCriteriaId": "E9D7BF2E-1DEB-474A-8DEE-0A2D1A9B1A77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:120:*:*:*:*:*:*:*",
"matchCriteriaId": "CE59783E-6A2D-4777-9BA2-8527DA6B32BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:220:*:*:*:*:*:*:*",
"matchCriteriaId": "646FEB9F-2F54-4946-9687-C2EC28144C97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:320:*:*:*:*:*:*:*",
"matchCriteriaId": "57654458-F143-4D70-9D52-0A242F3177A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:425:*:*:*:*:*:*:*",
"matchCriteriaId": "A6527EC0-536E-4BF0-9949-8FA4A4E64688",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:525:*:*:*:*:*:*:*",
"matchCriteriaId": "21A9EA52-E9F1-4267-86BC-570ED1ECC7B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:sophos:unified_threat_management:625:*:*:*:*:*:*:*",
"matchCriteriaId": "280976E2-D7A8-43B7-A57C-66920BC91DAB",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors."
},
{
"lang": "es",
"value": "Fuga de memoria en la pila TCP en el kernel en Sophos UTM anterior a 9.109 permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2014-2537",
"lastModified": "2024-11-21T02:06:29.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-03-18T17:04:18.813",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blogs.sophos.com/2014/02/20/utm-up2date-9-109/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57344"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/66231"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1029920"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://blogs.sophos.com/2014/02/20/utm-up2date-9-109/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/57344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/66231"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1029920"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2020-09-25 04:23
Modified
2024-11-21 05:17
Severity ?
Summary
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| sophos | unified_threat_management | * | |
| sophos | unified_threat_management | * | |
| sophos | unified_threat_management | * | |
| sophos | unified_threat_management | 9.511 | |
| sophos | unified_threat_management | 9.607 | |
| sophos | unified_threat_management | 9.705 |
{
"cisaActionDue": "2022-04-15",
"cisaExploitAdd": "2022-03-25",
"cisaRequiredAction": "Apply updates per vendor instructions.",
"cisaVulnerabilityName": "Sophos SG UTM Remote Code Execution Vulnerability",
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BA2939C6-2293-4466-9C4F-52544D3E8BDF",
"versionEndExcluding": "9.511",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0AE7745-9A4A-4369-81A6-B7E27ADBBEDB",
"versionEndExcluding": "9.607",
"versionStartIncluding": "9.600",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:*:*:*:*:*:*:*:*",
"matchCriteriaId": "991F1452-7B5F-4B9C-9BB6-8469D45B1570",
"versionEndExcluding": "9.705",
"versionStartIncluding": "9.700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:9.511:-:*:*:*:*:*:*",
"matchCriteriaId": "AAEC9A72-3E62-4FB6-AFE0-BEA7CFE4C86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:9.607:-:*:*:*:*:*:*",
"matchCriteriaId": "CC343E3F-5FF0-4492-B8C8-33C1B92D39F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:sophos:unified_threat_management:9.705:-:*:*:*:*:*:*",
"matchCriteriaId": "5D7A1A80-2170-406C-8680-63D2B4AE067B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11"
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en WebAdmin de Sophos SG UTM versiones anteriores a v9.705 MR5, v9.607 MR7 y v9.511 MR11"
}
],
"id": "CVE-2020-25223",
"lastModified": "2024-11-21T05:17:42.037",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-25T04:23:04.857",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164697/Sophos-UTM-WebAdmin-SID-Command-Injection.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://community.sophos.com/b/security-blog"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223"
},
{
"source": "cve@mitre.org",
"tags": [
"Technical Description"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.secpod.com/blog/remote-code-execution-in-sophos-utm/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/164697/Sophos-UTM-WebAdmin-SID-Command-Injection.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Not Applicable",
"Vendor Advisory"
],
"url": "https://community.sophos.com/b/security-blog"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://community.sophos.com/b/security-blog/posts/advisory-resolved-rce-in-sg-utm-webadmin-cve-2020-25223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Technical Description"
],
"url": "https://cwe.mitre.org/data/definitions/78.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://www.secpod.com/blog/remote-code-execution-in-sophos-utm/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}