CVE-2022-0331

MEDIUM

Sophos Firewall <v18.5 MR2 - Info Disclosure

Title source: llm
STIX 2.1

Description

An information disclosure vulnerability in Webadmin allows an unauthenticated remote attacker to read the device serial number in Sophos Firewall version v18.5 MR2 and older.

References (1)

Core 1
Core References

Scores

CVSS v3 5.3
EPSS 0.0145
EPSS Percentile 70.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

Status published
Products (1)
sophos/sfos < 18.5.2
Published Mar 29, 2022
Tracked Since Feb 18, 2026