CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-25268

Multiple XSS vulnerabilities in Webadmin allow for privilege escalation from MySophos admin to SFOS admin in Sophos Firewall older than version 19.0 GA.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.5%

CVSS Severity

CVSS v3 Score 8.4

CVSS v2 Score 6.0

References

https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220505-sfos-19-0-0

Products affected by CVE-2021-25268

Sophos » Firewall » Version: N/A

cpe:2.3:h:sophos:firewall:-
Sophos » Firewall Firmware » Version: N/A

cpe:2.3:o:sophos:firewall_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-25268

Products

Pricing

Contact Us