Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield stormshield network security vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-28096
An issue exists in Stormshield SNS prior to 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.
Stormshield Stormshield Network Security
NA
CVE-2023-41166
An issue exists in Stormshield Network Security (SNS) 3.7.0 up to and including 3.7.39, 3.11.0 up to and including 3.11.27, 4.3.0 up to and including 4.3.22, 4.6.0 up to and including 4.6.9, and 4.7.0 up to and including 4.7.1. It's possible to know if a specific user accoun...
Stormshield Stormshield Network Security
5.8
CVSSv2
CVE-2020-8430
Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=https://example.com in the query string.
Stormshield Stormshield Network Security
2.9
CVSSv2
CVE-2021-37613
Stormshield Network Security (SNS) 1.0.0 up to and including 4.2.3 allows a Denial of Service.
Stormshield Stormshield Network Security
7.2
CVSSv2
CVE-2018-20850
Stormshield Network Security 2.0.0 up to and including 2.13.0 and 3.0.0 up to and including 3.7.1 has self-XSS in the command line interface of the SNS web server.
Stormshield Stormshield Network Security
NA
CVE-2023-0286
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Stormshield Management Center
4 Github repositories
NA
CVE-2022-4450
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments a...
Openssl Openssl
Stormshield Stormshield Network Security
2 Github repositories
6.5
CVSSv2
CVE-2021-28962
Stormshield Network Security (SNS) prior to 4.2.2 allows a read-only administrator to gain privileges via CLI commands.
Stormshield Network Security
5
CVSSv2
CVE-2021-28665
Stormshield SNS with versions prior to 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.
Stormshield Network Security
5
CVSSv2
CVE-2021-3384
A vulnerability in Stormshield Network Security could allow an malicious user to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. This affects versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0...
Stormshield Network Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »