CVE-2023-41166
First published: Wed Dec 20 2023(Updated: )
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access commands.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield Stormshield Network Security | >=3.7.0<=3.7.39 | |
| Stormshield Stormshield Network Security | >=3.11.0<=3.11.27 | |
| Stormshield Stormshield Network Security | >=4.3.0<4.3.23 | |
| Stormshield Stormshield Network Security | >=4.6.0<4.6.10 | |
| Stormshield Stormshield Network Security | >=4.7.0<4.7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/type
- collector/mitre-cve
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- vendor/stormshield
- canonical/stormshield stormshield network security
- version/stormshield stormshield network security/3.7.0
- version/stormshield stormshield network security/3.7.39
- version/stormshield stormshield network security/3.11.0
- version/stormshield stormshield network security/3.11.27
- version/stormshield stormshield network security/4.3.0
- version/stormshield stormshield network security/4.6.0
- version/stormshield stormshield network security/4.7.0