Stormshield Network Security (SNS) 4.2.9

CPE Details

Stormshield Network Security (SNS) 4.2.9
stormshield
stormshield_network_security
4.2.9
2024-08-20
12h58 +00:00
2024-08-20
12h58 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:stormshield:stormshield_network_security:4.2.9:*:*:*:*:*:*:*

Informations

Vendor

stormshield

Product

stormshield_network_security

Version

4.2.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-28616 2023-12-25 23h00 +00:00 An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component.
7.5
High
CVE-2023-34198 2023-12-24 23h00 +00:00 In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25, 4.0.0 through 4.3.18 before 4.3.19, 4.4.0 through 4.6.5 before 4.6.6, and 4.7.0 before 4.7.1, the usage of a Network object created from an inactive DHCP interface in the filtering slot results in the usage of an object of the :any" type, which may have unexpected results for access control.
7.3
High
CVE-2023-41165 2023-12-24 23h00 +00:00 An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.11.27, 4.0 through 4.3.21 before 4.3.22, and 4.4.0 through 4.6.8 before 4.6.9. An administrator with write access to the SNS firewall can configure a login disclaimer with malicious JavaScript elements that can result in data theft.
4.8
Medium
CVE-2023-47093 2023-12-19 23h00 +00:00 An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.
6.5
Medium
CVE-2022-27812 2022-08-23 22h00 +00:00 Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS.
7.5
High
CVE-2022-23989 2022-03-15 19h26 +00:00 In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the blocking of almost all network traffic, making the firewall unreachable. An attacker could exploit this via forged and properly timed traffic to cause a denial of service.
7.5
High
CVE-2002-20001 2021-11-11 00h00 +00:00 The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.
7.5
High