Vulnerabilities > CVE-2021-45885 - Insufficient Session Expiration vulnerability in Stormshield Network Security
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
An issue was discovered in Stormshield Network Security (SNS) 4.2.2 through 4.2.7 (fixed in 4.2.8). Under a specific update-migration scenario, the first SSH password change does not properly clear the old password.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |