Vulnerabilities > Stormshield > Stormshield Network Security > 2.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-10 | CVE-2021-31814 | Missing Authentication for Critical Function vulnerability in Stormshield Network Security In Stormshield 1.1.0, and 2.1.0 through 2.9.0, an attacker can block a client from accessing the VPN and can obtain sensitive information through the SN VPN SSL Client. | 6.1 |
| 2022-02-10 | CVE-2021-37613 | Unspecified vulnerability in Stormshield Network Security Stormshield Network Security (SNS) 1.0.0 through 4.2.3 allows a Denial of Service. | 2.9 |
| 2022-01-27 | CVE-2021-28096 | Allocation of Resources Without Limits or Throttling vulnerability in Stormshield Network Security An issue was discovered in Stormshield SNS before 4.2.3 (when the proxy is used). | 4.3 |
| 2021-07-01 | CVE-2021-28127 | Improper Restriction of Excessive Authentication Attempts vulnerability in Stormshield Network Security An issue was discovered in Stormshield SNS through 4.2.1. | 5.0 |
| 2019-07-04 | CVE-2018-20850 | Cross-site Scripting vulnerability in Stormshield Network Security Stormshield Network Security 2.0.0 through 2.13.0 and 3.0.0 through 3.7.1 has self-XSS in the command line interface of the SNS web server. | 7.2 |