CVE-2022-0331

MEDIUM

Sophos Firewall <v18.5 MR2 - Info Disclosure

Title source: llm
STIX 2.1

Description

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older.

References (1)

Core 1
Core References

Scores

CVSS v3 5.3
EPSS 0.0034
EPSS Percentile 56.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Status published
Products (1)
sophos/sfos < 18.5.2
Published Mar 29, 2022
Tracked Since Feb 18, 2026