An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access commands.
2023-12-21T00:15:25.537
2024-11-21T08:20:42.740
Modified
CVSSv3.1: 5.3 (MEDIUM)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | stormshield | stormshield_network_security | ≤ 3.7.39 | Yes |
| Application | stormshield | stormshield_network_security | ≤ 3.11.27 | Yes |
| Application | stormshield | stormshield_network_security | < 4.3.23 | Yes |
| Application | stormshield | stormshield_network_security | < 4.6.10 | Yes |
| Application | stormshield | stormshield_network_security | < 4.7.2 | Yes |