CVE Vulnerabilities

CVE-2014-2849

Published: Apr 11, 2014 | Modified: Apr 14, 2014
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
8.5 HIGH
AV:N/AC:L/Au:S/C:N/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.

Affected Software

Name Vendor Start Version End Version
Web_appliance_firmware Sophos 3.7.8 3.7.8
Web_appliance_firmware Sophos * 3.8.1.1
Web_appliance_firmware Sophos 3.0.0 3.0.0
Web_appliance_firmware Sophos 3.0.1 3.0.1
Web_appliance_firmware Sophos 3.0.1.1 3.0.1.1
Web_appliance_firmware Sophos 3.0.2 3.0.2
Web_appliance_firmware Sophos 3.0.3 3.0.3
Web_appliance_firmware Sophos 3.0.4 3.0.4
Web_appliance_firmware Sophos 3.0.5 3.0.5
Web_appliance_firmware Sophos 3.0.5.1 3.0.5.1
Web_appliance_firmware Sophos 3.1.0 3.1.0
Web_appliance_firmware Sophos 3.1.0.1 3.1.0.1
Web_appliance_firmware Sophos 3.1.1 3.1.1
Web_appliance_firmware Sophos 3.1.2 3.1.2
Web_appliance_firmware Sophos 3.1.3 3.1.3
Web_appliance_firmware Sophos 3.1.4 3.1.4
Web_appliance_firmware Sophos 3.2.1 3.2.1
Web_appliance_firmware Sophos 3.2.2 3.2.2
Web_appliance_firmware Sophos 3.2.2.1 3.2.2.1
Web_appliance_firmware Sophos 3.2.3 3.2.3
Web_appliance_firmware Sophos 3.2.4 3.2.4
Web_appliance_firmware Sophos 3.2.5 3.2.5
Web_appliance_firmware Sophos 3.2.6 3.2.6
Web_appliance_firmware Sophos 3.2.7 3.2.7
Web_appliance_firmware Sophos 3.3.0 3.3.0
Web_appliance_firmware Sophos 3.3.1 3.3.1
Web_appliance_firmware Sophos 3.3.2 3.3.2
Web_appliance_firmware Sophos 3.3.3 3.3.3
Web_appliance_firmware Sophos 3.3.3.1 3.3.3.1
Web_appliance_firmware Sophos 3.3.4 3.3.4
Web_appliance_firmware Sophos 3.3.5 3.3.5
Web_appliance_firmware Sophos 3.3.5.1 3.3.5.1
Web_appliance_firmware Sophos 3.3.6 3.3.6
Web_appliance_firmware Sophos 3.3.6.1 3.3.6.1
Web_appliance_firmware Sophos 3.4.0 3.4.0
Web_appliance_firmware Sophos 3.4.1 3.4.1
Web_appliance_firmware Sophos 3.4.2 3.4.2
Web_appliance_firmware Sophos 3.4.3 3.4.3
Web_appliance_firmware Sophos 3.4.3.1 3.4.3.1
Web_appliance_firmware Sophos 3.4.4 3.4.4
Web_appliance_firmware Sophos 3.4.5 3.4.5
Web_appliance_firmware Sophos 3.4.6 3.4.6
Web_appliance_firmware Sophos 3.4.7 3.4.7
Web_appliance_firmware Sophos 3.4.8 3.4.8
Web_appliance_firmware Sophos 3.5.0 3.5.0
Web_appliance_firmware Sophos 3.5.1 3.5.1
Web_appliance_firmware Sophos 3.5.1.1 3.5.1.1
Web_appliance_firmware Sophos 3.5.1.2 3.5.1.2
Web_appliance_firmware Sophos 3.5.2 3.5.2
Web_appliance_firmware Sophos 3.5.3 3.5.3
Web_appliance_firmware Sophos 3.5.4 3.5.4
Web_appliance_firmware Sophos 3.5.5 3.5.5
Web_appliance_firmware Sophos 3.5.6 3.5.6
Web_appliance_firmware Sophos 3.6.1 3.6.1
Web_appliance_firmware Sophos 3.6.1.1 3.6.1.1
Web_appliance_firmware Sophos 3.6.2 3.6.2
Web_appliance_firmware Sophos 3.6.2.1 3.6.2.1
Web_appliance_firmware Sophos 3.6.2.3 3.6.2.3
Web_appliance_firmware Sophos 3.6.2.4.0 3.6.2.4.0
Web_appliance_firmware Sophos 3.6.2.4.1 3.6.2.4.1
Web_appliance_firmware Sophos 3.6.3 3.6.3
Web_appliance_firmware Sophos 3.6.4 3.6.4
Web_appliance_firmware Sophos 3.6.4.1 3.6.4.1
Web_appliance_firmware Sophos 3.6.4.2 3.6.4.2
Web_appliance_firmware Sophos 3.7.0 3.7.0
Web_appliance_firmware Sophos 3.7.1 3.7.1
Web_appliance_firmware Sophos 3.7.2 3.7.2
Web_appliance_firmware Sophos 3.7.3 3.7.3
Web_appliance_firmware Sophos 3.7.4 3.7.4
Web_appliance_firmware Sophos 3.7.5 3.7.5
Web_appliance_firmware Sophos 3.7.6 3.7.6
Web_appliance_firmware Sophos 3.7.7 3.7.7
Web_appliance_firmware Sophos 3.7.8.1 3.7.8.1
Web_appliance_firmware Sophos 3.7.8.2 3.7.8.2
Web_appliance_firmware Sophos 3.7.9 3.7.9
Web_appliance_firmware Sophos 3.7.9.1 3.7.9.1
Web_appliance_firmware Sophos 3.8.0 3.8.0
Web_appliance_firmware Sophos 3.8.1 3.8.1

References