Описание
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
Ссылки
- Release NotesVendor Advisory
- Vendor Advisory
- Release NotesVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 4.3.1.1 (включая)
cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*
EPSS
Процентиль: 86%
0.0304
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
CVSS3: 7.2
github
больше 3 лет назад
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.
EPSS
Процентиль: 86%
0.0304
Низкий
7.2 High
CVSS3
6.5 Medium
CVSS2
Дефекты
CWE-77