Unified Threat Management
CVE-2023-22897
MEDIUM
Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.
AnalysisAI
An issue was discovered in SecurePoint UTM before 12.2.5.1. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Technical ContextAI
This vulnerability is classified as Use of Uninitialized Resource (CWE-908), which allows attackers to access uninitialized memory causing crashes or information disclosure. An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used. Affected products include: Securepoint Unified Threat Management. Version information: before 12.2.5.1..
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Initialize all variables, use compiler warnings for uninitialized access, use memory-safe languages.
More in Unified Threat Management
View allA remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511
An issue was discovered in SecurePoint UTM before 12.2.5.1. Rated high severity (CVSS 7.5), this vulnerability is remote
A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code
Stored XSS can execute as administrator in quarantined email detail view in Sophos UTM before version 9.706. Rated mediu
Cross-site scripting (XSS) vulnerability in the Backup/Restore component in WebAdmin in Astaro Security Gateway before 8
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of servi
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. Ra
Same weakness CWE-908 – Use of Uninitialized Resource
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today