Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield stormshield network security vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-28096
An issue exists in Stormshield SNS prior to 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.
Stormshield Stormshield Network Security
NA
CVE-2020-11711
An issue exists in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin panel. It i...
Stormshield Stormshield Network Security
7.2
CVSSv2
CVE-2018-20850
Stormshield Network Security 2.0.0 up to and including 2.13.0 and 3.0.0 up to and including 3.7.1 has self-XSS in the command line interface of the SNS web server.
Stormshield Stormshield Network Security
NA
CVE-2023-41166
An issue exists in Stormshield Network Security (SNS) 3.7.0 up to and including 3.7.39, 3.11.0 up to and including 3.11.27, 4.3.0 up to and including 4.3.22, 4.6.0 up to and including 4.6.9, and 4.7.0 up to and including 4.7.1. It's possible to know if a specific user accoun...
Stormshield Stormshield Network Security
5
CVSSv2
CVE-2021-3398
Stormshield Network Security (SNS) 3.x has an Integer Overflow in the high-availability component.
Stormshield Stormshield Network Security
NA
CVE-2023-0286
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING but the public structure definition for GENERAL_NAME incorrectly specified the type of the x400Address field as ASN1_TYPE. This ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Stormshield Management Center
4 Github repositories
NA
CVE-2022-4450
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload data. If the function succeeds then the "name_out", "header" and "data" arguments a...
Openssl Openssl
Stormshield Stormshield Network Security
1 Github repository
7.5
CVSSv2
CVE-2021-31617
In ASQ in Stormshield Network Security (SNS) 1.0.0 up to and including 2.7.8, 2.8.0 up to and including 2.16.0, 3.0.0 up to and including 3.7.20, 3.8.0 up to and including 3.11.8, and 4.0.1 up to and including 4.2.2, mishandling of memory management can lead to remote code execut...
Stormshield Network Security
NA
CVE-2023-47091
An issue exists in Stormshield Network Security (SNS) SNS 4.3.13 up to and including 4.3.22 prior to 4.3.23, SNS 4.6.0 up to and including 4.6.9 prior to 4.6.10, and SNS 4.7.0 up to and including 4.7.1 prior to 4.7.2. An attacker can overflow the cookie threshold, making an IPsec...
Stormshield Network Security
5
CVSSv2
CVE-2022-23989
In Stormshield Network Security (SNS) prior to 3.7.25, 3.8.x up to and including 3.11.x prior to 3.11.13, 4.x prior to 4.2.10, and 4.3.x prior to 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the block...
Stormshield Network Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »