Vulnerability 118631 - CERT Civis.Net

Vulnerability Name:

CCN-118631

Published:

2016-11-04

Updated:

2016-11-04

Summary:

Sophos Web Appliance could allow a remote authenticated attacker to execute arbitrary code on the system, caused by improper validation of parameters. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVSS v3 Severity:

6.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)
5.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.5 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Consequences:

Gain Access

References:

Source: CCN
Type: Full-Disclosure Mailing List, Fri, 4 Nov 2016 10:13:04 -0500
KL-001-2016-009 : Sophos Web Appliance Remote Code Execution

Source: XF
Type: UNKNOWN
sophos-webappliance-code-exec(118631)

Source: CCN
Type: Sophos Web site
Security Made Simple for Business. Centralized Data Security for Endpoints, Encryption, Network Protection, Mobile Devices, Servers, UTM Appliances, Email and Web Gateway Solutions, Ransomware Scanning and Exploit Prevention | sophos.com

Vulnerable Configuration:

Configuration CCN 1:

cpe:/a:sophos:web_appliance:4.2.1.3:*:*:*:*:*:*:*

Denotes that component is vulnerable

BACK