Vulnerabilities > Sophos > Unified Threat Management > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-22 CVE-2022-0652 Incorrect Permission Assignment for Critical Resource vulnerability in Sophos Unified Threat Management
Confd log files contain local users', including root’s, SHA512crypt password hashes with insecure access permissions.
local
low complexity
sophos CWE-732
7.8
2014-03-18 CVE-2014-2537 Resource Management Errors vulnerability in Sophos products
Memory leak in the TCP stack in the kernel in Sophos UTM before 9.109 allows remote attackers to cause a denial of service (memory consumption) via unspecified vectors.
network
low complexity
sophos CWE-399
7.8