This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE-2016-7442 Vulnerability Alert

Hi all,

 

My client is currently using UTM 9 on 9.405-5.  My client is concerned about the vulnerability released last week CVE-2016-7442 and CVE-2016-7397.

Vulnerability Details:

The password is reflected to DOM and is readable through the "value" field of the SMTP user settings in notifications tab. You have to be authenticated to access the configuration tab.

 

Has Sophos got any fix for this?

Cheers

Hunt



This thread was automatically locked due to age.
Parents Reply Children
No Data