Remote Password Change Vulnerability in Sophos Web Appliance

Remote Password Change Vulnerability in Sophos Web Appliance

CVE-2014-2849 · HIGH Severity

AV:N/AC:L/AU:S/C:N/I:C/A:C

The Change Password dialog box (change_password) in Sophos Web Appliance before 3.8.2 allows remote authenticated users to change the admin user password via a crafted request.

Learn more about our Web App Pen Testing.