Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2023-5552

A password disclosure vulnerability in the Secure PDF eXchange (SPX) feature allows attackers with full email access to decrypt PDFs in Sophos Firewall version 19.5 MR3 (19.5.3) and older, if the password type is set to “Specified by sender”.

  • Published: Oct 18, 2023
  • Updated: Oct 26, 2023
  • CVE: CVE-2023-5552
  • Severity: High
  • Exploit:

CVSS v3:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

OWASP TOP 10:

Software From Fixed in
sophos / firewall - 19.5.3.x