Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield network security vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-47093
An issue exists in Stormshield Network Security (SNS) 4.0.0 up to and including 4.3.21, 4.4.0 up to and including 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.
Stormshield Stormshield Network Security 4.7.0
Stormshield Stormshield Network Security
320
VMScore
CVE-2021-31814
In Stormshield 1.1.0, and 2.1.0 up to and including 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client.
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 1.1.0
445
VMScore
CVE-2021-28127
An issue exists in Stormshield SNS up to and including 4.2.1. A brute-force attack can occur.
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 4.2.1
668
VMScore
CVE-2020-7465
The L2TP implementation of MPD prior to 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause a denial of service (memory corruption).
Mpd Project Mpd
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 4.4.0
445
VMScore
CVE-2020-7466
The PPP implementation of MPD prior to 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which would result in a denial of service condition.
Mpd Project Mpd
Stormshield Stormshield Network Security
Stormshield Stormshield Network Security 4.4.0
NA
CVE-2023-26095
ASQ in Stormshield Network Security (SNS) 4.3.15 prior to 4.3.16 and 4.6.x prior to 4.6.3 allows a crash when analysing a crafted SIP packet.
Stormshield Network Security
Stormshield Network Security 4.3.15
NA
CVE-2023-28616
An issue exists in Stormshield Network Security (SNS) prior to 4.3.17, 4.4.x up to and including 4.6.x prior to 4.6.4, and 4.7.x prior to 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in clear...
Stormshield Network Security 4.7.0
Stormshield Network Security
NA
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
516
VMScore
CVE-2020-8430
Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=https://example.com in the query string.
Stormshield Stormshield Network Security
445
VMScore
CVE-2021-3398
Stormshield Network Security (SNS) 3.x has an Integer Overflow in the high-availability component.
Stormshield Stormshield Network Security
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAP
CVE-2024-4367
server-side request forgery
information disclosure
CVE-2024-34342
CVE-2024-4281
CVE-2024-3507
CVE-2024-25560
CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »