CVE-2018-9233

Published: 05/04/2018 Updated: 03/10/2019
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 215
Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for malicious users to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.
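As an added illustration (not code from the advisory, from Vulmon, or from Sophos), the Python below contrasts the unsalted SHA-1 password storage the summary describes with a salted, iterated alternative. The sample passwords and the UTF-8 encoding are assumptions; the page does not state how the product encodes the password before hashing.

```python
import hashlib
import hmac
import os
from typing import Dict, Iterable, Optional, Tuple

# Constructed sample inputs (not taken from the advisory).
def unsalted_sha1(password: str) -> str:
    """Weak scheme described in CVE-2018-9233: one password always maps to one fixed digest.
    UTF-8 is an assumption; the page does not give the product's encoding."""
    return hashlib.sha1(password.encode("utf-8")).hexdigest()

def precomputed_table(candidates: Iterable[str]) -> Dict[str, str]:
    """Because the digest is stable, a dictionary of digest -> password can be
    built once and reused against every installation (the rainbow-table problem)."""
    return {unsalted_sha1(p): p for p in candidates}

def lookup(digest: str, table: Dict[str, str]) -> Optional[str]:
    """Constant-time-irrelevant demo lookup: returns the password if precomputed."""
    return table.get(digest)

def hardened_hash(password: str, salt: Optional[bytes] = None,
                  iterations: int = 200_000) -> Tuple[bytes, bytes]:
    """Mitigation: per-record random salt plus an iterated KDF (PBKDF2-HMAC-SHA256).
    The salt is stored alongside the digest; it need not be secret."""
    salt = os.urandom(16) if salt is None else salt
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return salt, dk

def verify_hardened(password: str, salt: bytes, expected: bytes,
                    iterations: int = 200_000) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    _, dk = hardened_hash(password, salt, iterations)
    return hmac.compare_digest(dk, expected)

if __name__ == "__main__":
    table = precomputed_table(["password", "letmein", "Summer2018!"])
    print("unsalted lookup:", lookup(unsalted_sha1("letmein"), table))  # hit
    s1, d1 = hardened_hash("letmein")
    s2, d2 = hardened_hash("letmein")
    print("salted digests differ:", d1 != d2)  # no reusable table possible
    print("verify:", verify_hardened("letmein", s1, d1))
```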

sophos endpoint protection 10.7

Exploits

[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source: hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOINT-PROTECTION-CONTROL-PANEL-v10.7-INSECURE-CRYPTO-CVE-2018-9233.txt
[+] ISR: Apparition Security
Vendor: ========== www.sophos.com
Product: =========== Sophos Endpoint Protection - Co ...

Sophos Endpoint Protection version 10.7 control panel authentication uses a weak, unsalted, unicoded cryptographic hash (SHA1) function. Not using a salt gives attackers that gain access to the hash the ability to conduct faster cracking attacks using pre-computed dictionaries, e.g. rainbow tables. This can potentially result in unauthorized access that cou ...