Product
stormshield network security
36 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2025-48707
< 5.0.1
An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information could, in some HA use c
7.5
HIGH
CVE-2023-41165
>= 3.7.0 and < 3.7.39
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.
4.8
MEDIUM
CVE-2023-34198
>= 1.0.0 and < 3.7.37
In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25, 4.0.0 through 4.3.
7.3
HIGH
CVE-2023-28616
>= 2.7.0 and < 4.3.17
An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.
7.5
HIGH
CVE-2023-47091
>= 4.3.13 and < 4.3.23
An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 bef
7.5
HIGH
CVE-2023-47093
>= 4.0.0 and < 4.3.22
An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a craf
6.5
MEDIUM
CVE-2023-41166
>= 3.7.0 and <= 3.7.39
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22,
5.3
MEDIUM
CVE-2023-26095
>= 4.6.0 and < 4.6.3
ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP
7.5
HIGH
CVE-2020-11711
>= 3.6.0 and < 3.7.13
An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential th
4.8
MEDIUM
CVE-2023-20052
>= 3.0.0 and < 3.7.35
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the DMG file pa
5.3
MEDIUM
CVE-2023-20032
>= 3.0.0 and < 3.7.35
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerability in the HFS+ partit
9.8
CRITICAL
CVE-2023-0286
>= 2.7.0 and < 2.7.11
There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were par
7.4
HIGH
CVE-2022-4450
>= 4.0.0 and < 4.3.16
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and decodes the "name" (e.g. "CERTIFICATE"), any header data
7.5
HIGH
CVE-2022-4304
>= 2.7.0 and < 2.7.11
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext a
5.9
MEDIUM
CVE-2022-40617
>= 3.11.1 and < 3.11.20
strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-ent
7.5
HIGH
CVE-2022-27812
>= 3.7.0 and < 3.7.30
Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffi
7.5
HIGH
CVE-2022-37434
>= 3.7.31 and < 3.7.34
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra fie
9.8
CRITICAL
CVE-2022-30279
>= 4.3.3 and < 4.3.8
An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugi
7.5
HIGH
CVE-2022-23989
>= 3.0.0 and < 3.7.25
In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.
7.5
HIGH
CVE-2021-3398
>= 3.0.0 and <= 3.7.24
Stormshield Network Security (SNS) 3.x has an Integer Overflow in the high-availability component.
5.8
MEDIUM
CVE-2021-37613
>= 1.0.0 and <= 1.6.1
Stormshield Network Security (SNS) 1.0.0 through 4.2.3 allows a Denial of Service.
6.5
MEDIUM
CVE-2021-31814
>= 2.1.0 and <= 2.9.0
In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive info
6.1
MEDIUM
CVE-2021-31617
>= 1.0.0 and < 2.7.9
In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8
9.8
CRITICAL
CVE-2021-28962
>= 2.5.0 and < 2.7.9
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain privileges via CLI commands.
7.2
HIGH
CVE-2021-28096
>= 2.0.0 and <= 2.7.8
An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). An attacker can saturate the proxy connection ta
5.3
MEDIUM
CVE-2022-22703
>= 2.0.0 and < 2.1.1
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file
5.5
MEDIUM
CVE-2021-45885
>= 4.2.2 and < 4.2.8
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migrat
7.5
HIGH
CVE-2002-20001
>= 2.7.0 and < 4.3.16
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actual
7.5
HIGH
CVE-2021-28127
>= 2.0.0 and <= 2.7.9
An issue was discovered in Stormshield SNS through 4.2.1. A brute-force attack can occur.
7.5
HIGH
CVE-2021-28665
>= 3.8.0 and < 3.11.5
Stormshield SNS with versions before 3.7.18, 3.11.6 and 4.1.6 has a memory-management defect in the SNMP plugin that can lead to e
7.5
HIGH
CVE-2021-27506
>= 1.0 and <= 4.2.0
The ClamAV Engine (version 0.103.1 and below) component embedded in Stormshield Network Security (SNS) is subject to DoS in case
5.5
MEDIUM
CVE-2021-3384
>= 2.0.0 and < 2.7.8
A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables manageme
5.3
MEDIUM
CVE-2020-7466
>= 4.0.0 and < 4.3.17
The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to
7.5
HIGH
CVE-2020-7465
>= 4.0.0 and < 4.3.17
The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP
9.8
CRITICAL
CVE-2020-8430
>= 3.0.0 and <= 3.7.10
Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. Fo
6.1
MEDIUM
CVE-2018-20850
>= 2.0.0 and <= 2.13.0
Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS we
8.2
HIGH
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin