Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions. This allows a local malicious user to attempt off-line brute-force attacks against these password hashes in Sophos UTM before version 9.710.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sophos unified threat management |