← Back

Unified Threat Management

unified_threat_management

Vendor: Securepoint • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-22897
1Securepoint
1Unified Threat Management
Feb 10, 2025
Apr 12, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data...Show more
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows information disclosure of memory contents to be achieved by an authenticated user. Essentially, uninitialized data can be retrieved via an approach in which a sessionid is obtained but not used.Show less
CVE-2023-22620
1Securepoint
1Unified Threat Management
Feb 10, 2025
Apr 12, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the d...Show more
An issue was discovered in SecurePoint UTM before 12.2.5.1. The firewall's endpoint at /spcgi.cgi allows sessionid information disclosure via an invalid authentication attempt. This can afterwards be used to bypass the device's authentication and get access to the administrative interface.Show less