Vulnerabilities > Sophos > Unified Threat Management Software > Low

DATE	CVE	VULNERABILITY TITLE	RISK
2016-10-03	CVE-2016-7397	Information Exposure vulnerability in Sophos Unified Threat Management Software The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the SMTP user settings in the notifications configuration tab. local low complexity sophos CWE-200	2.1
2016-10-03	CVE-2016-7442	Information Exposure vulnerability in Sophos Unified Threat Management Software The Frontend component in Sophos UTM with firmware 9.405-5 and earlier allows local administrators to obtain sensitive password information by reading the "value" field of the proxy user settings in "system settings / scan settings / anti spam" configuration tab. local low complexity sophos CWE-200	2.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.