Описание
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
Уязвимые конфигурации
Конфигурация 1Версия до 19.5.3 (включая)
cpe:2.3:a:sophos:firewall:*:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
7.1 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
CWE-522
Связанные уязвимости
CVSS3: 7.1
github
больше 2 лет назад
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
EPSS
Процентиль: 21%
0.00068
Низкий
7.1 High
CVSS3
7.5 High
CVSS3
Дефекты
CWE-200
CWE-522