
=====================================================================

                               CERT-Renater

                    Note d'Information No. 2023/VULN146

_____________________________________________________________________

DATE                : 05/04/2023

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Sophos Web Appliance (SWA)
                          versions prior to 3.69.0 4.3.10.4.

=====================================================================
https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce
_____________________________________________________________________


Sophos Web Appliance 4.3.10.4 Resolves Security Vulnerabilities

Critical

CVE(s)
CVE-2023-1671
CVE-2022-4934
CVE-2020-36692

Updated: 2023 Apr 4

Product(s)
Sophos Web Appliance (SWA)

Publication ID: sophos-sa-20230404-swa-rce
Article Version: 1
First Published: 2023 Apr 4
Workaround: No


Overview


The Sophos Web Appliance (SWA) 4.3.10.4 release fixes
the following security issues:


CVE ID           Severity   Description

CVE-2023-1671    CRITICAL   A pre-auth command injection vulnerability in the
                            warn-proceed handler allowing execution of
                            arbitrary code was discovered and responsibly
                            disclosed to Sophos by an external security
                            researcher via the Sophos bug bounty program.

CVE-2022-4934    HIGH       A post-auth command injection vulnerability in
                            the exception wizard allowing administrators to
                            execute arbitrary code was discovered and
                            responsibly disclosed to Sophos by an external
                            security researcher via the Sophos bug bounty
                            program.

CVE-2020-36692   MEDIUM     A reflected XSS via POST vulnerability in the
                            report scheduler allowing execution of
                            JavaScript code in the victim's browser was
                            discovered and responsibly disclosed to Sophos
                            by an external researcher via the Sophos bug
                            bounty program. The victim must be tricked into
                            submitting a malicious form on an
                            attacker-controlled website while logged in to
                            SWA for the attack to succeed.


Notes

     End of Life date for Sophos Web Appliance is July 20, 2023

     Sophos recommends that Sophos Web Appliance is protected by
     a firewall and not accessible via the public Internet

     There is no action required for Sophos Web Appliance customers,
     as updates are installed automatically by default


Related information

     https://www.sophos.com/en-us/content/product-lifecycle

     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1671

     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4934

     https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36692

     https://wsa.sophos.com/docs/ws1000/ws1000/concepts/ReleaseNotes_4.3.10.4.html



=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================

