CVE-2017-18014

Name: CVE-2017-18014
Creator: NVD / NIST
Published: 2018-01-12T17:29:01.07+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.31%

Last modified Jun 17, 2026

CVE-2017-18014 is a vulnerability of currently unknown severity. An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page (Control Center -> Log Viewer -> in the filter option "Web Server Protection") in the webadmin interface, and execute any action available to the webadmin of the firewall (e.g., creating a new user, enabling SSH, or adding an SSH authorized key). EPSS estimates a 2.31% chance of exploitation in the next 30 days.

Description

An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a persistent XSS vulnerability found in the WAF log page (Control Center -> Log Viewer -> in the filter option "Web Server Protection") in the webadmin interface, and execute any action available to the webadmin of the firewall (e.g., creating a new user, enabling SSH, or adding an SSH authorized key). The WAF log page will execute the "User-Agent" parameter in the HTTP POST request.

Metrics

EPSS Probability

2.31%

81.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-79

Affected Software

Vendor	Product	Versions	Update
Sophos	Sfos	<= 17.0	—
Sophos	Sfos	17.0	Mr1

References

http://seclists.org/fulldisclosure/2018/Jan/24Mailing List, Third Party Advisory
https://blogs.securiteam.com/index.php/archives/3612Exploit, Third Party Advisory
https://community.sophos.com/kb/en-us/128024Vendor Advisory
https://community.sophos.com/products/xg-firewall/b/xg-blog/posts/sfos-17-0-3-mr3-releasedVendor Advisory
http://seclists.org/fulldisclosure/2018/Jan/24Mailing List, Third Party Advisory
https://blogs.securiteam.com/index.php/archives/3612Exploit, Third Party Advisory
https://community.sophos.com/kb/en-us/128024Vendor Advisory
https://community.sophos.com/products/xg-firewall/b/xg-blog/posts/sfos-17-0-3-mr3-releasedVendor Advisory

Timeline

Published: Jan 12, 2018
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2017-18014?

How severe is CVE-2017-18014?

Severity scoring for CVE-2017-18014 is pending analysis. The EPSS model estimates a 2.31% probability of exploitation in the next 30 days.

How do I fix CVE-2017-18014?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2017-18014?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST