In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25, 4.0.0 through 4.3.18 before 4.3.19, 4.4.0 through 4.6.5 before 4.6.6, and 4.7.0 before 4.7.1, the usage of a Network object created from an inactive DHCP interface in the filtering slot results in the usage of an object of the :any" type, which may have unexpected results for access control.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:LStormshield Network Security
APPStormshield4.7.01.0.0 – 3.7.37 (bez)3.8.0 – 3.11.25 (bez)4.0.0 – 4.3.19 (bez)4.4.0 – 4.6.6 (bez)
Powiązane podatności
On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerabilit...
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large g...
In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, ...
The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP cont...
An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information cou...