Vulnerabilities > Sophos > XG Firewall Firmware > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-12-01 | CVE-2022-3711 | SQL Injection vulnerability in Sophos XG Firewall Firmware 17.0/17.5/18.0 A post-auth read-only SQL injection vulnerability allows users to read non-sensitive configuration database contents in the User Portal of Sophos Firewall releases older than version 19.5 GA. | 4.3 |