Known Vulnerabilities for Unified Threat Management Software by Sophos
Listed below are 9 of the newest known vulnerabilities associated with "Unified Threat Management Software" by "Sophos".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2016-7442 | The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive passwo... | 4.4 - MEDIUM | 2016-10-03 | 2018-10-09 |
| CVE-2016-7397 | The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive passwo... | 4.4 - MEDIUM | 2016-10-03 | 2018-10-09 |
| CVE-2016-2046 | Cross-site scripting (XSS) vulnerability in the UserPortal page in SOPHOS UTM before 9.353 allows remote attackers to inject ... | 6.1 - MEDIUM | 2016-02-17 | 2016-12-06 |
| CVE-2016-0778 | The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.... | 8.1 - HIGH | 2016-01-14 | 2022-12-13 |
| CVE-2016-0777 | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers t... | 6.5 - MEDIUM | 2016-01-14 | 2022-12-13 |
| CVE-2015-7547 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Libr... | 8.1 - HIGH | 2016-02-18 | 2023-02-12 |
| CVE-2014-2537 | Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (m... | 7.8 - HIGH | 2014-03-18 | 2014-04-01 |
| CVE-2013-5932 | Unspecified vulnerability in WebAdmin in Sophos UTM (aka Astaro Security Gateway) before 9.105 has unknown impact and attack ... | 10 - HIGH | 2013-09-23 | 2013-10-03 |
| CVE-2012-3238 | Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8.305 ... | 4.3 - MEDIUM | 2012-07-09 | 2012-07-10 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sophos | Unified Threat Management Software | 9.355 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.351 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.319 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.109 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.108 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.107 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.007 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 8.3 | All | All | All |