Unified Threat Management
CVE-2023-22620
HIGH
Severity by source
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
1DescriptionNVD
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface.
AnalysisAI
An issue was discovered in SecurePoint UTM before 12.2.5.1. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Incorrect Authorization (CWE-863), which allows attackers to bypass authorization checks to access restricted resources. An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface. Affected products include: Securepoint Unified Threat Management. Version information: before 12.2.5.1..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Review and test authorization logic, implement consistent access control checks, use centralized authorization framework.
More in Unified Threat Management
View allA remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511
An issue was discovered in SecurePoint UTM before 12.2.5.1. Rated medium severity (CVSS 6.5), this vulnerability is remo
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706. Rated mediu
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of servi
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. Ra
Same weakness CWE-863 – Incorrect Authorization
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today