CPE Details
Stormshield Network Security (SNS) 4.7.0
4.7.0
2023-12-27
13h54 +00:00
13h54 +00:00
2024-08-20
12h58 +00:00
12h58 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:stormshield:stormshield_network_security:4.7.0:*:*:*:*:*:*:*
Informations
Vendor
stormshieldProduct
stormshield_network_securityVersion
4.7.0Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component. | 7.5 |
High |
||
| In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25, 4.0.0 through 4.3.18 before 4.3.19, 4.4.0 through 4.6.5 before 4.6.6, and 4.7.0 before 4.7.1, the usage of a Network object created from an inactive DHCP interface in the filtering slot results in the usage of an object of the :any" type, which may have unexpected results for access control. | 7.3 |
High |
||
| An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible. | 7.5 |
High |
||
| An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access commands. | 5.3 |
Medium |
||
| An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine. | 6.5 |
Medium |
2025©
tesweb SA
