Skip to main content

Web Appliance CVE-2013-4984

HIGH
OS Command Injection (CWE-78)
2013-09-10 cve@mitre.org
7.2
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:N/C:C/I:C/A:C
Attack Vector
Local
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Sep 10, 2013 - 11:28 cve.org
HIGH 7.2

DescriptionCVE.org

The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument.

AnalysisAI

The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as OS Command Injection (CWE-78), which allows attackers to execute arbitrary operating system commands on the host. The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument. Affected products include: Sophos Web Appliance. Version information: before 3.7.9.1.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Avoid passing user input to shell commands. Use language-specific APIs instead of shell execution. Apply strict input validation with allowlists.

CVE-2014-2849 HIGH POC
8.5 Apr 11

The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users

CVE-2014-2850 HIGH POC
8.5 Apr 11

The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2 allows remote administrator

CVE-2013-2641 MEDIUM POC
5.0 Mar 18

Directory traversal vulnerability in patience.cgi in Sophos Web Appliance before 3.7.8.2 allows remote attackers to read

CVE-2017-6182 CRITICAL POC
9.8 Mar 30

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports wa

CVE-2013-2642 CRITICAL POC
9.3 Mar 18

Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via shell metacharacters i

CVE-2023-1671 CRITICAL POC
9.8 Apr 04

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10

CVE-2016-9554 HIGH POC
7.2 Jan 28

The Sophos Web Appliance Remote / Secure Web Gateway server (version 4.2.1.3) is vulnerable to a Remote Command Injectio

CVE-2016-9553 HIGH POC
7.2 Jan 28

The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection vulnerabilities affecting its w

CVE-2017-6412 HIGH POC
8.1 Mar 30

In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. Rated high severity (CVSS 8.1

CVE-2013-2643 MEDIUM POC
4.3 Mar 18

Multiple cross-site scripting (XSS) vulnerabilities in Sophos Web Appliance before 3.7.8.2 allow remote attackers to inj

CVE-2017-6183 HIGH
7.2 Mar 30

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecti

CVE-2017-9523 MEDIUM
6.1 Jun 09

The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342. Rated medium severity (CVSS 6.1),

Share

CVE-2013-4984 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy