First published: Fri Jan 12 2018
An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability in the WAF log page (Control Center -> Log Viewer -> filter option "Web Server Protection") of the webadmin interface, and thereby execute any action available to the webadmin of the firewall (e.g., creating a new user, enabling SSH, or adding an SSH authorized key). The WAF log page renders the "User-Agent" value of the logged HTTP POST request without escaping it, so script placed in that header executes in the administrator's browser when the log is viewed.
Credit: cve@mitre.org
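As an added illustration, not part of the advisory and not Sophos's code, the Python below contrasts a log viewer row renderer that interpolates the logged User-Agent into HTML unescaped with one that HTML-escapes every field, and adds a simple triage check over constructed sample entries. The log field names, the sample entries and the heuristic regex are assumptions and do not reflect the real SFOS log format.

```python
import html
import re

# Constructed sample WAF log entries (illustrative field names, not the SFOS format).
SAMPLE_LOGS = [
    {"src_ip": "203.0.113.10", "method": "GET", "url": "/index.html",
     "user_agent": "Mozilla/5.0 (X11; Linux x86_64)"},
    {"src_ip": "203.0.113.99", "method": "POST", "url": "/login",
     "user_agent": "<script>alert(1)</script>"},
]

FIELDS = ("src_ip", "method", "url", "user_agent")

# Heuristic: a tag opener, a javascript: URL, or an on*= event handler in a UA string.
# A legitimate User-Agent never needs any of these, so a hit is worth triage.
MARKUP_RE = re.compile(r"<\s*/?\s*[a-zA-Z!]|javascript:|\bon[a-z]+\s*=", re.IGNORECASE)


def render_row_vulnerable(entry):
    """Log viewer row built by plain string interpolation.

    Attacker-controlled fields (here the User-Agent) land in the page as markup,
    which is the defect class the advisory describes.
    """
    return ("<tr><td>{src_ip}</td><td>{method}</td>"
            "<td>{url}</td><td>{user_agent}</td></tr>").format(**entry)


def render_row_safe(entry):
    """Same row with every cell HTML-escaped, so logged data is shown as text."""
    cells = "".join(f"<td>{html.escape(str(entry[k]), quote=True)}</td>" for k in FIELDS)
    return f"<tr>{cells}</tr>"


def suspicious_user_agents(entries):
    """Return (src_ip, user_agent) for entries whose User-Agent looks like markup."""
    return [(e["src_ip"], e["user_agent"]) for e in entries
            if MARKUP_RE.search(e["user_agent"])]


if __name__ == "__main__":
    for e in SAMPLE_LOGS:
        print("unsafe :", render_row_vulnerable(e))
        print("escaped:", render_row_safe(e))
    print("flagged:", suspicious_user_agents(SAMPLE_LOGS))
```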
Affected Software | Affected Version | How to fix
---|---|---
Sophos SFOS | <=17.0 | 
Sophos XG Firewall | | 
Sophos SFOS | =17.0-mr1 | 
Sophos SFOS | =17.0-mr2 | 
Sophos SFOS | =17.0-mr3 | 
The vulnerability ID is CVE-2017-18014, and its severity is rated medium. The affected software is Sophos XG Firewall with SFOS before 17.0.3 MR3; the updated version SFOS 17.0.3 MR3 addresses the vulnerability.