Search

Find a vulnerability

Search criteria

    5 vulnerabilities found for mobile by sophos

    VAR-202002-1069

    Vulnerability from variot - Updated: 2024-11-23 22:55

    The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction. plural Sophos The product contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Attackers can exploit this vulnerability to bypass virus detection with the help of specially crafted ZIP files

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-202002-1069",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "cloud optix",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "mobile",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "intercept x for server",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "endpoint protection",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "intercept x endpoint",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "secure web gateway",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "cloud optix",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "endpoint protection",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "intercept x for server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "intercept x endpoint",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "mobile",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sophos",
            "version": "2020-01-14"
          },
          {
            "model": "secure web gateway",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "sophos",
            "version": "2020-01-14"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "cpe_match": [
                  {
                    "cpe22Uri": "cpe:/a:sophos:cloud_optix",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:sophos:endpoint_protection",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:sophos:intercept_x_for_server",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:sophos:intercept_x_endpoint",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:sophos:mobile",
                    "vulnerable": true
                  },
                  {
                    "cpe22Uri": "cpe:/a:sophos:secure_web_gateway",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          }
        ]
      },
      "cve": "CVE-2020-9363",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "nvd@nist.gov",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "CVE-2020-9363",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 1.0,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Medium",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 6.8,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-002411",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.8,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 6.8,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 8.6,
                "id": "VHN-187488",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "LOCAL",
                "author": "nvd@nist.gov",
                "availabilityImpact": "HIGH",
                "baseScore": 7.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 1.8,
                "id": "CVE-2020-9363",
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Local",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 7.8,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "JVNDB-2020-002411",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "Required",
                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "nvd@nist.gov",
                "id": "CVE-2020-9363",
                "trust": 1.0,
                "value": "HIGH"
              },
              {
                "author": "NVD",
                "id": "JVNDB-2020-002411",
                "trust": 0.8,
                "value": "High"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-202002-1108",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-187488",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187488"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction. plural Sophos The product contains an input verification vulnerability.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Attackers can exploit this vulnerability to bypass virus detection with the help of specially crafted ZIP files",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2020-9363"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "VULHUB",
            "id": "VHN-187488"
          }
        ],
        "trust": 1.71
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2020-9363",
            "trust": 2.5
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108",
            "trust": 0.7
          },
          {
            "db": "VULHUB",
            "id": "VHN-187488",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187488"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "id": "VAR-202002-1069",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187488"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-11-23T22:55:17.343000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "https://www.sophos.com/en-us.aspx"
          },
          {
            "title": "Multiple Sophos Product security vulnerabilities",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=111209"
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-436",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-20",
            "trust": 0.9
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187488"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.5,
            "url": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html"
          },
          {
            "trust": 1.7,
            "url": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2020-9363"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-9363"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/sophos-endpoint-protection-vulnerability-via-zip-archive-bypass-31671"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-187488"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "VULHUB",
            "id": "VHN-187488"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          },
          {
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2020-02-24T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187488"
          },
          {
            "date": "2020-03-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "date": "2020-02-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          },
          {
            "date": "2020-02-24T16:15:13.250000",
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2022-04-18T00:00:00",
            "db": "VULHUB",
            "id": "VHN-187488"
          },
          {
            "date": "2020-03-13T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          },
          {
            "date": "2022-04-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          },
          {
            "date": "2024-11-21T05:40:29.150000",
            "db": "NVD",
            "id": "CVE-2020-9363"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "local",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "plural  Sophos Product input verification vulnerabilities",
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2020-002411"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-202002-1108"
          }
        ],
        "trust": 0.6
      }
    }

    CVE-2022-3980 (GCVE-0-2022-3980)

    Vulnerability from nvd – Published: 2022-11-16 00:00 – Updated: 2025-04-29 14:12
    Summary
    An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-611 - Improper Restriction of XML External Entity Reference
    Assigner
    Impacted products
    Vendor Product Version
    Sophos Sophos Mobile managed on-premises Affected: 5.0.0 , < unspecified (custom)
    Affected: unspecified , ≤ 9.7.4 (custom)
    Create a notification for this product.
    Credits
    Florian Hauser of Code White GmbH
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:27:54.013Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3980",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T14:10:25.355027Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-611",
                    "description": "CWE-611 Improper Restriction of XML External Entity Reference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T14:12:08.837Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sophos Mobile managed on-premises",
              "vendor": "Sophos",
              "versions": [
                {
                  "lessThan": "unspecified",
                  "status": "affected",
                  "version": "5.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Florian Hauser of Code White GmbH"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-16T00:00:00.000Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2022-3980",
        "datePublished": "2022-11-16T00:00:00.000Z",
        "dateReserved": "2022-11-14T00:00:00.000Z",
        "dateUpdated": "2025-04-29T14:12:08.837Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9363 (GCVE-0-2020-9363)

    Vulnerability from nvd – Published: 2020-02-24 15:07 – Updated: 2024-08-04 10:26
    VLAI
    Summary
    The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:26:16.016Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-03T15:54:04.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-9363",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html",
                  "refsource": "MISC",
                  "url": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html"
                },
                {
                  "name": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363",
                  "refsource": "MISC",
                  "url": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-9363",
        "datePublished": "2020-02-24T15:07:39.000Z",
        "dateReserved": "2020-02-24T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:26:16.016Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-3980 (GCVE-0-2022-3980)

    Vulnerability from cvelistv5 – Published: 2022-11-16 00:00 – Updated: 2025-04-29 14:12
    Summary
    An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    • CWE-611 - Improper Restriction of XML External Entity Reference
    Assigner
    Impacted products
    Vendor Product Version
    Sophos Sophos Mobile managed on-premises Affected: 5.0.0 , < unspecified (custom)
    Affected: unspecified , ≤ 9.7.4 (custom)
    Create a notification for this product.
    Credits
    Florian Hauser of Code White GmbH
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T01:27:54.013Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-3980",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-29T14:10:25.355027Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-611",
                    "description": "CWE-611 Improper Restriction of XML External Entity Reference",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-29T14:12:08.837Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Sophos Mobile managed on-premises",
              "vendor": "Sophos",
              "versions": [
                {
                  "lessThan": "unspecified",
                  "status": "affected",
                  "version": "5.0.0",
                  "versionType": "custom"
                },
                {
                  "lessThanOrEqual": "9.7.4",
                  "status": "affected",
                  "version": "unspecified",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Florian Hauser of Code White GmbH"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An XML External Entity (XEE) vulnerability allows server-side request forgery (SSRF) and potential code execution in Sophos Mobile managed on-premises between versions 5.0.0 and 9.7.4."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-11-16T00:00:00.000Z",
            "orgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
            "shortName": "Sophos"
          },
          "references": [
            {
              "url": "https://www.sophos.com/en-us/security-advisories/sophos-sa-20221116-smc-xee"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "526a354d-e866-4174-ae7d-bac848e5c4c5",
        "assignerShortName": "Sophos",
        "cveId": "CVE-2022-3980",
        "datePublished": "2022-11-16T00:00:00.000Z",
        "dateReserved": "2022-11-14T00:00:00.000Z",
        "dateUpdated": "2025-04-29T14:12:08.837Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-9363 (GCVE-0-2020-9363)

    Vulnerability from cvelistv5 – Published: 2020-02-24 15:07 – Updated: 2024-08-04 10:26
    VLAI
    Summary
    The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T10:26:16.016Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-04-03T15:54:04.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-9363",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html",
                  "refsource": "MISC",
                  "url": "https://blog.zoller.lu/p/release-mode-coordinated-disclosure-ref.html"
                },
                {
                  "name": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363",
                  "refsource": "MISC",
                  "url": "https://community.sophos.com/b/security-blog/posts/sophos-comments-to-cve-2020-9363"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-9363",
        "datePublished": "2020-02-24T15:07:39.000Z",
        "dateReserved": "2020-02-24T00:00:00.000Z",
        "dateUpdated": "2024-08-04T10:26:16.016Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }