Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for malicious users to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos endpoint protection 10.7 |