GCVE - cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:sophos:web_appliance:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Sophos (`a481dca1-298d-56ee-9d5c-373f6e8cead2`)
Product	Web Appliance (`084dc2a5-1e2c-5d0b-a115-1fd88a7ee3c8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-1671`	vulnerable	2026-06-03 14:48:56.057833	Details available CRITICAL (9.8) A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. Published: 2023-04-04T00:00:00.000Z Updated: 2025-10-21T23:15:21.081Z Open on db.gcve.eu Reference links https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce http://packetstormsecurity.com/files/172016/Sophos-Web-Appliance-4.3.10.4-Command-Injection.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2022-4934`	vulnerable	2026-06-03 14:48:43.391070	Details available HIGH (7.2) A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code. Published: 2023-04-04T00:00:00.000Z Updated: 2025-02-11T14:27:10.555Z Open on db.gcve.eu Reference links https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-36692`	vulnerable	2026-06-03 14:42:39.645827	Details available MEDIUM (6.5) A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that must be manually submitted by the victim while logged in to SWA. Published: 2023-04-04T00:00:00.000Z Updated: 2025-02-11T14:27:36.848Z Open on db.gcve.eu Reference links https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-9523`	vulnerable	2026-06-03 14:37:41.798193	Details available The Sophos Web Appliance before 4.3.2 has XSS in the FTP redirect page, aka NSWA-1342. Published: 2017-06-09T00:00:00.000Z Updated: 2024-08-05T17:11:01.759Z Open on db.gcve.eu Reference links http://swa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.2.html http://www.securityfocus.com/bid/99016	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-6412`	vulnerable	2026-06-03 14:37:27.697121	Details available In Sophos Web Appliance (SWA) before 4.3.1.2, Session Fixation could occur, aka NSWA-1310. Published: 2017-03-30T17:00:00.000Z Updated: 2024-08-05T15:25:49.291Z Open on db.gcve.eu Reference links http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html http://www.securityfocus.com/bid/97261 https://www.qualys.com/2017/02/28/qsa-2017-02-28/qsa-2017-02-28.pdf https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-6184`	vulnerable	2026-06-03 14:37:27.395998	Details available In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via the token parameter, aka NSWA-1303. Published: 2017-03-30T17:00:00.000Z Updated: 2024-08-05T15:25:48.358Z Open on db.gcve.eu Reference links http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html http://www.securityfocus.com/bid/97261 https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-6183`	vulnerable	2026-06-03 14:37:27.395667	Details available In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314. Published: 2017-03-30T17:00:00.000Z Updated: 2024-08-05T15:25:47.749Z Open on db.gcve.eu Reference links http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html http://www.securityfocus.com/bid/97261 https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2017-6182`	vulnerable	2026-06-03 14:37:27.395263	Details available In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible for generating reports was vulnerable to remote command injection via functions, aka NSWA-1304. Published: 2017-03-30T17:00:00.000Z Updated: 2024-08-05T15:25:47.678Z Open on db.gcve.eu Reference links http://wsa.sophos.com/rn/swa/concepts/ReleaseNotes_4.3.1.2.html http://www.securityfocus.com/bid/97261 https://www.exploit-db.com/exploits/42332/ https://community.sophos.com/products/web-appliance/b/blog/posts/release-of-swa-v4-3-1-2	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-4984`	vulnerable	2026-06-03 14:33:20.263536	Details available The close_connections function in /opt/cma/bin/clear_keys.pl in Sophos Web Appliance before 3.7.9.1 and 3.8 before 3.8.1.1 allows local users to gain privileges via shell metacharacters in the second argument. Published: 2013-09-10T10:00:00.000Z Updated: 2024-09-16T19:04:18.463Z Open on db.gcve.eu Reference links http://www.coresecurity.com/advisories/sophos-web-protection-appliance-multiple-vulnerabilities http://www.sophos.com/en-us/support/knowledgebase/119773.aspx	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.