Stormshield: >> Network Security Security Vulnerabilities
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.
CVSS Score
5.5
EPSS Score
0.001
Published
2022-01-17
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-12-29
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.
CVSS Score
7.5
EPSS Score
0.005
Published
2021-05-06