Medium severity4.4NVD Advisory· Published Oct 3, 2016· Updated May 6, 2026

CVE-2016-7397

Description

The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the SMTP user settings in the notifications configuration tab.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/archive/1/539518/100/0/threadednvd
www.securityfocus.com/bid/93266nvd
www.securitytracker.com/id/1036931nvd

News mentions

No linked articles in our index yet.

cvss	0.286
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000