Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield network security vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2020-8430
Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=https://example.com in the query string.
Stormshield Stormshield Network Security
383
VMScore
CVE-2021-28096
An issue exists in Stormshield SNS prior to 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.
Stormshield Stormshield Network Security
445
VMScore
CVE-2021-3398
Stormshield Network Security (SNS) 3.x has an Integer Overflow in the high-availability component.
Stormshield Stormshield Network Security
641
VMScore
CVE-2018-20850
Stormshield Network Security 2.0.0 up to and including 2.13.0 and 3.0.0 up to and including 3.7.1 has self-XSS in the command line interface of the SNS web server.
Stormshield Stormshield Network Security
NA
CVE-2023-41166
An issue exists in Stormshield Network Security (SNS) 3.7.0 up to and including 3.7.39, 3.11.0 up to and including 3.11.27, 4.3.0 up to and including 4.3.22, 4.6.0 up to and including 4.6.9, and 4.7.0 up to and including 4.7.1. It's possible to know if a specific user accoun...
Stormshield Stormshield Network Security
NA
CVE-2023-0286
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Stormshield Management Center
4 Github repositories
NA
CVE-2022-4450
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments a...
Openssl Openssl
Stormshield Stormshield Network Security
1 Github repository
445
VMScore
CVE-2021-28665
Stormshield SNS with versions prior to 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.
Stormshield Network Security
NA
CVE-2023-47091
An issue exists in Stormshield Network Security (SNS) SNS 4.3.13 up to and including 4.3.22 prior to 4.3.23, SNS 4.6.0 up to and including 4.6.9 prior to 4.6.10, and SNS 4.7.0 up to and including 4.7.1 prior to 4.7.2. An attacker can overflow the cookie threshold, making an IPsec...
Stormshield Network Security
383
VMScore
CVE-2021-45885
An issue exists in Stormshield Network Security (SNS) 4.2.2 up to and including 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
Stormshield Network Security
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »