CVE-2023-5552
CVSS V2 None
CVSS V3 None
Description
A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.
Overview
- CVE ID
- CVE-2023-5552
- Assigner
- Sophos
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-10-17T23:29:12.601Z
- Last Modified Date
- 2023-10-17T23:29:12.601Z
Weakness Enumerations
References
| Reference URL | Reference Tags |
|---|---|
| https://www.sophos.com/en-us/security-advisories/sophos-sa-20231017-spx-password | vendor-advisory |
Sources
| Source Name | Source URL |
|---|---|
| NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-5552 |
| MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5552 |
History
| Created | Old Value | New Value | Data Type | Notes |
|---|---|---|---|---|
| 2024-06-25 05:52:27 | Added to TrackCVE |