CVE-2022-22703
First published: Mon Jan 17 2022(Updated: )
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield Network Security | >=2.0.0<2.1.1 | |
| Stormshield Network Security | >=3.0.0<3.0.2 | |
| Microsoft Windows |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this security issue in Stormshield SSO Agent?
The vulnerability ID for this security issue in Stormshield SSO Agent is CVE-2022-22703.
What is the severity rating of CVE-2022-22703?
CVE-2022-22703 has a severity rating of 5.5, which is considered medium.
Which versions of Stormshield SSO Agent are affected by this vulnerability?
Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2 are affected by this vulnerability.
What is the impact of this vulnerability?
This vulnerability allows the cleartext user password and PSK to be contained in the log file of the .exe installer.
Where can I find more information about this vulnerability?
More information about this vulnerability can be found at the following link: [https://advisories.stormshield.eu/2022-001](https://advisories.stormshield.eu/2022-001)
- collector/nvd-index
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/type
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/stormshield
- canonical/stormshield network security
- version/stormshield network security/2.0.0
- version/stormshield network security/3.0.0
- vendor/microsoft
- canonical/microsoft windows