Vulnerabilities > CVE-2021-36809 - Unspecified vulnerability in Sophos SSL VPN Client

047910
CVSS 3.6 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
PARTIAL
local
low complexity
sophos

Summary

A local attacker can overwrite arbitrary files on the system with VPN client logs using administrator privileges, potentially resulting in a denial of service and data loss, in all versions of Sophos SSL VPN client.

Vulnerable Configurations

Part Description Count
Application
Sophos
1