Vulnerabilities > CVE-2021-27506

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
stormshield
netasq-project
clamav
NVD
Published: 2021-03-19
Updated: 2022-07-01

Summary

The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. This affect Netasq versions 9.1.0 to 9.1.11 and SNS versions 1.0.0 to 4.2.0. This issue is fixed in SNS 3.7.19, 3.11.7 and 4.2.1.

Vulnerable Configurations

Part Description Count
Application
Stormshield
26
Application
Netasq_Project
1
Application
Clamav
176

References