Sophos Firewall
by Sophos
CVEs (22)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-3711 | Med | 0.28 | 4.3 | 0.01 | Dec 1, 2022 | A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA. | ||
| CVE-2022-3710 | Low | 0.18 | 2.7 | 0.01 | Dec 1, 2022 | A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA. |
- risk 0.28cvss 4.3epss 0.01
A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA.
- risk 0.18cvss 2.7epss 0.01
A post-auth read-only SQL injection vulnerability allows API clients to read non-sensitive configuration database contents in the API controller of Sophos Firewall releases older than version 19.5 GA.
Page 2 of 2