Advisory: Central Logging

Voltar à Visão geral dos comunicados de segurança
Informational
CVE
Updated:
Produto(s)
Sophos Central
ID da publicação 2022-02-CentralLogging
Versão do artigo 2
Primeira publicação
Solução alternativa No

Overview

A modification to the Sophos Central login experience on January 20, 2022, resulted in the unintended logging of a subset of Sophos Central passwords in specific circumstances. The issue was discovered internally during a routine review of log information. After investigation, we have determined there is no exposure of these passwords outside of the Sophos logging platform.

Multi-factor authentication (MFA) secures all Sophos Central accounts to prevent the misuse of credentials under all circumstances.

The remediation for Sophos Central updated the logic of the login experience to prevent saving passwords to the log.

 

Remediation

  • The issue was discovered by Sophos Central operators at 21:30 UTC on February 5, 2022
  • Fix went live in Sophos Central at 23:24 UTC on February 5, 2022
  • All logged plaintext password data was purged from all Sophos systems by 02:09 UTC on February 6, 2022
  • On February 8, 2022, Sophos recommended a password reset for all users who logged in to Sophos Central between January 20, 2022, and February 5, 2022, with their password auto-filled using either a password manager or the password-saving functionality of their web browser

 

Related information