Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-28616


An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component.


Published

2023-12-26T04:15:07.790

Last Modified

2024-11-21T07:55:40.477

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Primary
    CWE-319

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application stormshield stormshield_network_security < 4.3.17 Yes
Application stormshield stormshield_network_security < 4.6.4 Yes
Application stormshield stormshield_network_security 4.7.0 Yes

References