CPE-E8C67F05-21B1-4E23-A6F7-767DB5DD6EBF Detail

CPE Details

Stormshield Network Security (SNS) 2.7.7

Vendor

stormshield

Product

stormshield_network_security

Version

2.7.7

Created

2024-08-20
12h58 +00:00

Modified

2024-08-20
12h58 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:stormshield:stormshield_network_security:2.7.7:::::::*

Informations

Vendor

stormshield

Product

stormshield_network_security

Version

2.7.7

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-28616	2023-12-25 23h00 +00:00	An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component.	7.5	High
CVE-2023-34198	2023-12-24 23h00 +00:00	In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25, 4.0.0 through 4.3.18 before 4.3.19, 4.4.0 through 4.6.5 before 4.6.6, and 4.7.0 before 4.7.1, the usage of a Network object created from an inactive DHCP interface in the filtering slot results in the usage of an object of the :any" type, which may have unexpected results for access control.	7.3	High
CVE-2021-31617	2022-01-31 14h16 +00:00	In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memory management can lead to remote code execution.	9.8	Critical
CVE-2021-28962	2022-01-31 12h50 +00:00	Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain privileges via CLI commands.	7.2	High
CVE-2002-20001	2021-11-11 00h00 +00:00	The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.	7.5	High
CVE-2021-27506	2021-03-19 13h28 +00:00	The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1.	5.5	Medium
CVE-2021-3384	2021-03-02 16h08 +00:00	A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. This affects versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0.0 to 3.7.16, 3.8.0 to 3.11.4, and 4.0.0 to 4.1.5. Fixed in versions 2.7.8, 3.7.17, 3.11.5, and 4.2.0.	5.3	Medium

Stormshield Network Security (SNS) 2.7.7

CPE Details

CPE Name: cpe:2.3:a:stormshield:stormshield_network_security:2.7.7:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:stormshield:stormshield_network_security:2.7.7:::::::*