Hi,
are SOFS and SG UTM affected by CVE-2023-51766 (Sender Spoofing by SMTP)?
This thread was automatically locked due to age.
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
Hello there,
Thank you for contacting the Sophos Community.
I need to reach out internally to confirm; I will update the post once I hear back or by the end of the day on Tuesday.
Regards,
emmosophos Do you have details for us regarding the Exim vulnerability CVE-2023-51766 and it's impact on the current versions of XG/UTM ?
Hello,
I am still waiting for confirmation on this from the security team. I am expecting to hear back tomorrow or the day after (the latest).
Regards,
Hello,
I am still waiting for confirmation on this from the security team. I am expecting to hear back tomorrow or the day after (the latest).
Regards,
I can confirm that the UTM9 vm is vaulnerable to this - have seen some odd behavious with some stuffed emails failing SPF checks, which results in any further items failing.