exploitDog

CVE-2017-6412

Опубликовано: 30 мар. 2017

Источник: nvd

CVSS3: 8.1

CVSS2: 6.8

EPSS Низкий

Описание

In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.

Ссылки

http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html
Release Notes
Vendor Advisory
http://www.securityfocus.com/bid/97261
https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2
Vendor Advisory
https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf
http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html
Release Notes
Vendor Advisory
http://www.securityfocus.com/bid/97261
https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2
Vendor Advisory
https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*

Версия до 4.3.1.1 (включая)

EPSS

Процентиль: 72%

0.00735

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-384

Связанные уязвимости

GHSA-rjw9-5xvx-3hwv

CVSS3: 8.1

github

больше 3 лет назад

In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310.

EPSS

Процентиль: 72%

0.00735

Низкий

8.1 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-384