First published: Tue Mar 02 2021(Updated: )
A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. This affects versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0.0 to 3.7.16, 3.8.0 to 3.11.4, and 4.0.0 to 4.1.5. Fixed in versions 2.7.8, 3.7.17, 3.11.5, and 4.2.0.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Stormshield Network Security | >=2.0.0<2.7.8 | |
Stormshield Network Security | >=2.8.0<=2.16.0 | |
Stormshield Network Security | >=3.0.0<=3.7.17 | |
Stormshield Network Security | >=3.8.0<=3.11.5 | |
Stormshield Network Security | >=4.0.0<4.1.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-3384.
The severity of CVE-2021-3384 is medium with a CVSS score of 5.3.
Versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0.0 to 3.7.16, 3.8.0 to 3.11.5, and 4.0.0 to 4.1.5 of Stormshield Network Security are affected.
CVE-2021-3384 could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system from contacting new hosts via IPv4 or IPv6.
Yes, a fix is available for CVE-2021-3384. It is recommended to update to a patched version of Stormshield Network Security.