Insecure Hash Storage in Sophos Endpoint Protection 10.7 by Sophos
CVE-2018-9233

7.8HIGH

Key Information:

Vendor

Sophos
Status
Endpoint Protection
Vendor
CVE Published:
5 April 2018

What is CVE-2018-9233?

Sophos Endpoint Protection 10.7 employs an unsalted SHA-1 hashing algorithm for storing passwords in the machine.xml configuration file. This insecure method increases the risk of exposure, as attackers can utilize rainbow tables and other tools to easily reverse-engineer the hashed passwords to their cleartext form. Consequently, they can manipulate malware settings adversely, posing significant security dangers to affected systems.

References

https://www.exploit-db.com/exploits/44411/
exploitx_refsource_EXPLOIT-DB
http://seclists.org/fulldisclosure/2018/Apr/7
mailing-listx_refsource_FULLDISC
http://hyp3rlinx.altervista.org/advisories/SOPHOS-ENDPOIN...
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.