Stormshield: >> Stormshield Network Security >> 2.7.8 Security Vulnerabilities
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-07-01
The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1.
CVSS Score
5.5
EPSS Score
0.001
Published
2021-03-19
Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS web server.
CVSS Score
8.2
EPSS Score
0.001
Published
2019-07-04
Page 2