Post-Auth SQL Injection Vulnerability in Mail Manager of Sophos UTM (<= 9.710)

Post-Auth SQL Injection Vulnerability in Mail Manager of Sophos UTM (<= 9.710)

CVE-2022-0386 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A post-auth SQL injection vulnerability in the Mail Manager potentially allows an authenticated attacker to execute code in Sophos UTM before version 9.710.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.