Sophos Unified Threat Management
By the Year
In 2024 there have been 0 vulnerabilities in Sophos Unified Threat Management . Unified Threat Management did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 2 | 8.30 |
| 2021 | 1 | 4.80 |
| 2020 | 1 | 9.80 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Unified Threat Management vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Sophos Unified Threat Management Security Vulnerabilities
Confd log files contain local users', including rootâs, SHA512crypt password hashes with insecure access permissions
CVE-2022-0652
7.8 - High
- March 22, 2022
Confd log files contain local users', including rootâs, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.
Insertion of Sensitive Information into Log File
A post-auth SQL injection vulnerability in the Mail Manager potentially
CVE-2022-0386
8.8 - High
- March 22, 2022
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.
SQL Injection
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
CVE-2021-25273
4.8 - Medium
- July 29, 2021
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706.
XSS
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5
CVE-2020-25223
9.8 - Critical
- September 25, 2020
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11
Shell injection
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Sophos Unified Threat Management or by Sophos? Click the Watch button to subscribe.
