PT-2023-15689 · Sophos · Sophos Connect
Published
2023-03-01
·
Updated
2023-03-09
·
CVE-2022-48310
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Sophos Connect versions prior to 2.2.90
Description
An information disclosure issue allows sensitive key material to be included in technical support archives.
Recommendations
For Sophos Connect versions prior to 2.2.90, update to version 2.2.90 or later to resolve the issue.
Fix
Cleartext Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sophos Connect