MEDIUM🇬🇧 English

CVE-2016-7442

CVSS 4.4v3.0pub. 2016-10-03upd. 2026-05-06

The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the proxy user settings in "system settings / scan settings / anti spam" configuration tab.

oryginał EN
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
  • Sophos Unified Threat Management Software

    APP
    Sophos
    ≤ 9.405-5
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2015-7547HIGH8.1ten sam produkt

Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in...

CVE-2016-0778HIGH8.1ten sam produkt

The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, an...

CVE-2014-2537HIGH7.8ten sam produkt

Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denia...

CVE-2013-5932HIGH10.0ten sam produkt

Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) before 9.105 has unknown imp...

CVE-2016-7397MEDIUM4.4ten sam produkt

The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain s...