Описание
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
Ссылки
- Release NotesVendor Advisory
- Vendor Advisory
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.1.1 (включая)
cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*
EPSS
Процентиль: 94%
0.1487
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 9.8
github
больше 3 лет назад
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304.
EPSS
Процентиль: 94%
0.1487
Средний
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-78