PT-2022-13145 · Sophos · Sophos Utm

Published

2022-03-21

Updated

2022-03-28

CVE-2022-0386

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Sophos UTM versions prior to 9.710

Description A post-auth SQL injection issue in the Mail Manager potentially allows an authenticated attacker to execute code.

Recommendations For versions prior to 9.710, update to version 9.710 or later to resolve the issue.

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2022-0386

Sophos Utm