CVE-2021-28665
First published: Thu May 06 2021(Updated: )
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield Network Security | >=3.0.0<3.7.18 | |
| Stormshield Network Security | >=3.8.0<3.11.5 | |
| Stormshield Network Security | >=4.0.0<4.1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-28665?
CVE-2021-28665 is a vulnerability in Stormshield SNS that can lead to excessive consumption of memory and CPU resources, and possibly a denial of service.
What is the severity of CVE-2021-28665?
CVE-2021-28665 has a severity rating of 7.5 (High).
Which versions of Stormshield SNS are affected by CVE-2021-28665?
Stormshield SNS versions before 3.7.18, 3.11.6, and 4.1.6 are affected by CVE-2021-28665.
How can CVE-2021-28665 be exploited?
CVE-2021-28665 can be exploited by sending specially crafted SNMP requests to the affected Stormshield SNS device.
Is there a fix available for CVE-2021-28665?
Yes, upgrading to Stormshield SNS version 3.7.18, 3.11.6, or 4.1.6 will fix the vulnerability.
- collector/nvd-index
- vendor/stormshield
- canonical/stormshield network security
- version/stormshield network security/3.0.0
- version/stormshield network security/3.8.0
- version/stormshield network security/4.0.0