HIGH🇬🇧 English

CVE-2025-48707

CVSS 7.5v3.1pub. 2025-09-25upd. 2025-10-14

An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information could, in some HA use cases, be shared among administrators, which can cause secret sharing.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Stormshield Network Security

    APP
    Stormshield
    < 5.0.1
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2023-20032CRITICAL9.8ten sam produkt

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerabilit...

CVE-2022-37434CRITICAL9.8ten sam produkt

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large g...

CVE-2021-31617CRITICAL9.8ten sam produkt

In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, ...

CVE-2020-7465CRITICAL9.8ten sam produkt

The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP cont...

CVE-2023-34198HIGH7.3ten sam produkt

In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25...