PT-2017-16932 · Sophos · Sophos Web Appliance

Published

2017-03-30

Updated

2017-04-04

CVE-2017-6183

CVSS v3.1

7.2

High

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Sophos Web Appliance versions prior to 4.3.1.2

Description The issue concerns a remote command injection in a section of the machine's configuration utilities for adding and detecting Active Directory servers.

Recommendations For versions prior to 4.3.1.2, update to version 4.3.1.2 or later to resolve the issue.

Fix

Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-77

Related Identifiers

CVE-2017-6183

Affected Products

Sophos Web Appliance

PT-2017-16932 · Sophos · Sophos Web Appliance

CVE-2017-6183

Weakness Enumeration

Related Identifiers

Affected Products

References · 5