CVE-2023-4400

Name of the Vulnerable Software and Affected Versions Skyhigh Secure Web Gateway (SWG) versions 11.x prior to 11.2.14 Skyhigh Secure Web Gateway (SWG) versions 10.x prior to 10.2.25 Skyhigh Secure Web Gateway (SWG) versions 12.x prior to 12.2.1

Description A password management issue in Skyhigh Secure Web Gateway (SWG) allows some authentication information stored in configuration files to be extracted through the SWG REST API. This is possible due to the SWG storing passwords in plain text in some configuration files.

Recommendations For versions 11.x prior to 11.2.14, update to version 11.2.14 or later. For versions 10.x prior to 10.2.25, update to version 10.2.25 or later. For versions 12.x prior to 12.2.1, update to version 12.2.1 or later. As a temporary workaround, consider restricting access to the SWG REST API until a patch is applied.