exploitDog

CVE-2021-25265

Опубликовано: 22 мар. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 6.8

EPSS Низкий

Описание

A malicious website could execute code remotely in Sophos Connect Client before version 2.1.

Ссылки

https://community.sophos.com/b/security-blog
Vendor Advisory
https://community.sophos.com/b/security-blog/posts/resolved-rce-in-sophos-connect-client-for-windows-cve-2021-25265
Patch
Vendor Advisory
https://community.sophos.com/b/security-blog
Vendor Advisory
https://community.sophos.com/b/security-blog/posts/resolved-rce-in-sophos-connect-client-for-windows-cve-2021-25265
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:sophos:connect:*:*:*:*:*:*:*:*

Версия до 2.1 (исключая)

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

EPSS

Процентиль: 48%

0.00248

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-558v-8jp5-w94h

CVSS3: 8.8

github

больше 3 лет назад

A malicious website could execute code remotely in Sophos Connect Client before version 2.1.

EPSS

Процентиль: 48%

0.00248

Низкий

8.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo