CVE-2021-36808: Race Condition
First published: Sat Oct 30 2021(Updated: )
A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.
Credit: security-alert@sophos.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos Sophos Secure Workspace | <9.7.3115 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-36808?
CVE-2021-36808 is a vulnerability in Sophos Secure Workspace for Android before version 9.7.3115 that allows a local attacker to bypass the app password.
How does CVE-2021-36808 work?
CVE-2021-36808 works by exploiting a race condition in Sophos Secure Workspace for Android, allowing a local attacker to bypass the app password.
What is the severity of CVE-2021-36808?
The severity of CVE-2021-36808 is high, with a CVSS score of 7.
What software versions are affected by CVE-2021-36808?
Sophos Secure Workspace for Android versions before 9.7.3115 are affected by CVE-2021-36808.
How can I fix CVE-2021-36808?
To fix CVE-2021-36808, you should update Sophos Secure Workspace for Android to version 9.7.3115 or later.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/tags
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/sophos
- canonical/sophos sophos secure workspace