Vulnerability Details CVE-2021-36807
An authenticated user could potentially execute code via an SQLi vulnerability in the user portal of SG UTM before version 9.708 MR8.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.2%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2021-36807
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.0
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.001
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.002
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.003
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.004
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.005
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.006
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.007
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.1
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.101
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.102
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.103
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.104
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.105
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.106
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.107
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.108
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.109
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.110
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.111
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.112
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.113
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.2
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.202
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.203
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.204
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.206
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.207
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.208
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.209
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.210
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.213
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.216
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.217
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.3
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.303
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.304
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.305
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.306
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.307
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.308
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.309
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.310
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.311
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.312
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.313
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.314
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.318
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.319
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.350
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.352
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.353
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.354
-
cpe:2.3:a:sophos:unified_threat_management_up2date:9.355