CVE-2024-12727: SQL Injection
First published: Thu Dec 19 2024(Updated: )
A pre-auth SQL injection vulnerability in the email protection feature of Sophos Firewall versions older than 21.0 MR1 (21.0.1) allows access to the reporting database and can lead to remote code execution if a specific configuration of Secure PDF eXchange (SPX) is enabled in combination with the firewall running in High Availability (HA) mode.
Credit: security-alert@sophos.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Sophos Firewall Firmware | <21.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-12727?
CVE-2024-12727 is considered critical due to the potential for remote code execution.
How do I fix CVE-2024-12727?
To fix CVE-2024-12727, upgrade Sophos Firewall to version 21.0.1 or later.
What feature is affected by CVE-2024-12727?
CVE-2024-12727 affects the email protection feature of Sophos Firewall.
What can exploit CVE-2024-12727?
Exploitation of CVE-2024-12727 can lead to unauthorized access to the reporting database.
Which versions of Sophos Firewall are vulnerable to CVE-2024-12727?
Sophos Firewall versions prior to 21.0 MR1 (21.0.1) are vulnerable to CVE-2024-12727.
- agent/type
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/author
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-12727
- alias/CVE-2024-12728
- alias/CVE-2024-12729
- agent/references
- agent/trending
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/sophos
- canonical/sophos firewall firmware