2017-03-30 17:00:00
mitre
PUBLISHED
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machines configuration utilities for adding (and detecting) Active Directory servers was vulnerable to remote command injection, aka NSWA-1314.