CVE-2017-18014
Severity CVSS v4.0:
Pending analysis
Type:
CWE-79
Cross-Site Scripting (XSS)
Publication date:
12/01/2018
Last modified:
06/02/2018
Description
An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page (Control Center -> Log Viewer -> in the filter option "Web Server Protection") in the webadmin interface, and execute any action available to the webadmin of the firewall (e.g., creating a new user, enabling SSH, or adding an SSH authorized key). The WAF log page will execute the "User-Agent" parameter in the HTTP POST request.
Impact
Base Score 3.x
6.10
Severity 3.x
MEDIUM
Base Score 2.0
4.30
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:sophos:sfos:*:*:*:*:*:*:*:* | 17.0 (including) | |
| cpe:2.3:h:sophos:xg_firewall:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sophos:sfos:17.0:mr1:*:*:*:*:*:* | ||
| cpe:2.3:o:sophos:sfos:17.0:mr2:*:*:*:*:*:* | ||
| cpe:2.3:o:sophos:sfos:17.0:mr3:*:*:*:*:*:* | ||
| cpe:2.3:h:sophos:xg_firewall:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page