CVE-2021-36808

A local attacker could bypass the app password using a race condition in Sophos Secure Workspace for Android before version 9.7.3115.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sophos:sophos_secure_workspace:*:*:*:*:*:android:*:*

History

21 Nov 2024, 06:14

Type Values Removed Values Added
References () https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass - Vendor Advisory () https://www.sophos.com/en-us/security-advisories/sophos-sa-20211029-ssw-pw-bypass - Vendor Advisory
CVSS v2 : 4.4
v3 : 7.0
v2 : 4.4
v3 : 5.9

Information

Published : 2021-10-30 13:15

Updated : 2024-11-21 06:14


NVD link : CVE-2021-36808

Mitre link : CVE-2021-36808

CVE.ORG link : CVE-2021-36808


JSON object : View

Products Affected

sophos

  • sophos_secure_workspace
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')