CVE-2022-0652
Description
Confd log files contain local users, including roots, SHA512crypt password hashes with insecure access permissions. This allows a local attacker to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.043
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.601 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.705 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.704 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.703 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.702 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.701 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.700 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.607 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.606 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.605 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.604 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.603 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.602 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.500 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.600 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.511 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.510 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.509 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.508 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.507 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.506 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.505 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.504 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.503 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.502 | NCM |
| Vulnerabilities CVE-2020-25223 ,CVE-2022-0652 ,CVE-2022-0386 are affected in unified_threat_management 9.501 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234