A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
References
Link | Resource |
---|---|
https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: Sophos
Published: 2023-10-17T23:29:12.601Z
Updated: 2023-10-17T23:29:12.601Z
Reserved: 2023-10-12T05:55:23.384Z
Link: CVE-2023-5552
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-18T00:15:10.257
Modified: 2023-10-25T00:01:20.563
Link: CVE-2023-5552
JSON object: View
Redhat Information
No data.