📦

network_security

Vendor: stormshield

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.26% Exploit Prob.

Latest CVE CVE-2022-22703 Jan 17

Security Vulnerability Index

Page 1 / 1

5.5 CVSS

CVE-2022-22703

In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.

EPSS: 0.06%

Severity: MEDIUM

Jan 17, 2022

7.5 CVSS

CVE-2021-45885

An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.

EPSS: 0.24%

Severity: HIGH

Dec 29, 2021

7.5 CVSS

CVE-2021-28665

Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.

EPSS: 0.47%

Severity: HIGH

May 06, 2021

Displaying 3 of 3 Total Entries

Total 1 Sections