📦

stormshield_network_security

Vendor: stormshield

Actively Exploited 0 CISA KEV List

PoC / Exploits 2 Code Available

Total RCEs 4 Remote Access

Total CVEs 35 Total Indexed

Avg. EPSS 6.51% Exploit Prob.

Latest CVE CVE-2025-48707 Sep 25

Security Vulnerability Index

Page 3 / 4

6.5 CVSS

CVE-2021-37613

Stormshield Network Security (SNS) 1.0.0 through 4.2.3 allows a Denial of Service.

EPSS: 0.21%

Severity: MEDIUM

Feb 10, 2022

6.1 CVSS

CVE-2021-31814

In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client.

EPSS: 0.04%

Severity: MEDIUM

Feb 10, 2022

9.8 CVSS

CVE-2021-31617

RCE

In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memory management can lead to remote code execution.

EPSS: 3.01%

Severity: CRITICAL

Jan 31, 2022

7.2 CVSS

CVE-2021-28962

Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain privileges via CLI commands.

EPSS: 0.76%

Severity: HIGH

Jan 31, 2022

5.3 CVSS

CVE-2021-28096

RCE

An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection table. This would result in the proxy denying any new connections.

EPSS: 0.38%

Severity: MEDIUM

Jan 27, 2022

7.5 CVSS

CVE-2002-20001

Exploit Found

The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack. The client needs very little CPU resources and network bandwidth. The attack may be more disruptive in cases where a client can require a server to select its largest supported key size. The basic attack scenario is that the client must claim that it can only communicate with DHE, and the server must be configured to allow DHE.

EPSS: 14.68%

Severity: HIGH

Nov 11, 2021

7.5 CVSS

CVE-2021-28127

An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.

EPSS: 0.22%

Severity: HIGH

Jul 01, 2021

7.5 CVSS

CVE-2021-28665

Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.

EPSS: 0.47%

Severity: HIGH

May 06, 2021

5.5 CVSS

CVE-2021-27506

The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1.

EPSS: 0.27%

Severity: MEDIUM

Mar 19, 2021

5.3 CVSS

CVE-2021-3384

A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. This affects versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0.0 to 3.7.16, 3.8.0 to 3.11.4, and 4.0.0 to 4.1.5. Fixed in versions 2.7.8, 3.7.17, 3.11.5, and 4.2.0.

EPSS: 0.38%

Severity: MEDIUM

Mar 02, 2021

Displaying 10 of 35 Total Entries

1 2 3 4

Total 4 Sections