CVE-2024-37386
First published: Mon Jul 15 2024(Updated: )
An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.25, 4.4.0 through 4.7.5, and 4.8.0. Certain manipulations allow restarting in single-user mode despite the activation of secure boot. The following versions fix this: 4.3.27, 4.7.6, and 4.8.2.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield Network Security | >=4.0.0<=4.3.25>=4.4.0<4.7.5=4.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-37386?
CVE-2024-37386 has a moderate severity rating as it allows manipulation to restart in single-user mode despite secure boot being active.
How do I fix CVE-2024-37386?
To fix CVE-2024-37386, upgrade to versions 4.3.27, 4.7.6, or 4.8.2 of Stormshield Network Security.
Which versions of Stormshield Network Security are affected by CVE-2024-37386?
The affected versions of Stormshield Network Security range from 4.0.0 to 4.3.25, 4.4.0 to 4.7.5, and exactly 4.8.0.
Does CVE-2024-37386 affect all Stormshield Network Security versions?
No, CVE-2024-37386 only affects specific versions listed and versions above those still supported are not impacted.
What should I do if I cannot update to the patched versions for CVE-2024-37386?
If unable to update, consider mitigating risks by applying strict access controls and monitoring for unauthorized access attempts.
- agent/references
- agent/type
- agent/first-publish-date
- agent/author
- agent/description
- collector/nvd-api
- source/NVD
- agent/weakness
- agent/severity
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/stormshield
- canonical/stormshield network security