Vulnerabilities > Stormshield > Stormshield Network Security > 3.11.27

DATE CVE VULNERABILITY TITLE RISK
2023-12-26 CVE-2023-28616 Cleartext Transmission of Sensitive Information vulnerability in Stormshield Network Security
An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1.
network
low complexity
stormshield CWE-319
7.5
2023-12-21 CVE-2023-41166 Unspecified vulnerability in Stormshield Network Security
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1.
network
low complexity
stormshield
5.3
2021-11-11 CVE-2002-20001 Resource Exhaustion vulnerability in multiple products
The Diffie-Hellman Key Agreement Protocol allows remote attackers (from the client side) to send arbitrary numbers that are actually not public keys, and trigger expensive server-side DHE modular-exponentiation calculations, aka a D(HE)at or D(HE)ater attack.
network
low complexity
balasys siemens suse f5 hpe stormshield CWE-400
7.5
2021-03-19 CVE-2021-27506 The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files.
local
low complexity
netasq-project stormshield clamav
5.5