VYPR

Endpoint Protection

by Sophos

CVEs (1)

  • CVE-2018-9233HigApr 5, 2018
    risk 0.54cvss 7.8epss 0.02

    Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow…