Description
Securepoint UTM has two vulnerabilities that allow an unauthenticated attacker to bypass authentication and compomise the system.
Remediation
Upgrade to the latest version of Securepoint UTM.
References
SecurePwn Part 1: Bypassing SecurePoint UTM’s Authentication (CVE-2023-22620)
SecurePwn Part 2: Leaking Remote Memory Contents (CVE-2023-22897)
Related Vulnerabilities
Opencart CVE-2024-21519 Vulnerability (CVE-2024-21519)
Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-28756)
MySQL CVE-2012-1756 Vulnerability (CVE-2012-1756)
osTicket CVE-2018-7195 Vulnerability (CVE-2018-7195)
Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043)