9.8

CVE-2022-1040

Warnung
Exploit
An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SophosSfos Version <= 18.5.3

31.03.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

Sophos Firewall Authentication Bypass Vulnerability

Schwachstelle

An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 99.8% 1
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
security-alert@sophos.com 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://packetstormsecurity.com/files/168046/Sophos-XG115w-Firewall-17.0.10-MR-10-Authentication-Bypass.html
Third Party Advisory
Exploit
VDB Entry
https://www.exploit-db.com/exploits/51006
Third Party Advisory
Exploit
VDB Entry
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220325-sfos-rce
Vendor Advisory
Mitigation
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-1040
US Government Resource