CVE-2018-9233

Name of the Vulnerable Software and Affected Versions Sophos Endpoint Protection version 10.7

Description The issue concerns the use of an unsalted SHA-1 hash for password storage in the machine.xml file, making it easier for attackers to determine the cleartext password via rainbow tables or other approaches. This could allow attackers to choose unsafe malware settings.

Recommendations For Sophos Endpoint Protection version 10.7, consider updating the password storage mechanism to use a more secure hashing algorithm with salting to prevent easy determination of cleartext passwords. As a temporary workaround, restrict access to the machine.xml file to minimize the risk of exploitation.