CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-28616
https://notcve.org/view.php?id=CVE-2023-28616
26 Dec 2023 — An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component. Se descubrió un problema en Stormshield Network Security (SNS) anterior a 4.3.17, 4.4.x a 4.6.x anterior a 4.6.4 y 4.7.x anterior a 4.7.1. Afecta a las cuentas de usuario cuya co... • https://advisories.stormshield.eu/2023-006 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-47091
https://notcve.org/view.php?id=CVE-2023-47091
25 Dec 2023 — An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible. Se descubrió un problema en Stormshield Network Security (SNS), SNS 4.3.13 a 4.3.22 antes de 4.3.23, SNS 4.6.0 a 4.6.9 antes de 4.6.10 y SNS 4.7.0 a 4.7.1 antes de 4.7.2. . Un atacante puede sobrepasar el umbral de cookies, haciendo imposible... • https://advisories.stormshield.eu • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-26095
https://notcve.org/view.php?id=CVE-2023-26095
28 Aug 2023 — ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet. • https://advisories.stormshield.eu/2023-007 • CWE-20: Improper Input Validation •