CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-36809

A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.2%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 3.6

References

https://www.sophos.com/en-us/security-advisories/sophos-sa-20220303-sslvpn-local-dos
https://www.sophos.com/en-us/security-advisories/sophos-sa-20220303-sslvpn-local-dos

Products affected by CVE-2021-36809

Sophos » Ssl Vpn Client » Version: N/A

cpe:2.3:a:sophos:ssl_vpn_client:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-36809

Products

Pricing

Contact Us