Sophos - Web Appliance CVE

Filtered by vendor Sophos Subscribe

Filtered by product Web Appliance

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-9523	1 Sophos	1 Web Appliance	2017-06-15	4.3 MEDIUM	6.1 MEDIUM
The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342.
CVE-2017-6184	1 Sophos	1 Web Appliance	2017-04-04	6.5 MEDIUM	4.7 MEDIUM
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303.

Vulnerabilities (CVE)