CRITICAL🇵🇱 Wersja polska

CVE-2021-31617

CVSS 9.8v3.1pub. 2022-01-31upd. 2024-11-21

In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memory management can lead to remote code execution.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Stormshield Network Security

    APP
    Stormshield
    1.0.0 – 2.7.9 (bez)2.8.0 – 3.7.21 (bez)3.8.0 – 3.11.9 (bez)4.0.1 – 4.2.3 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2023-20032CRITICAL9.8ten sam produkt

On Feb 15, 2023, the following vulnerability in the ClamAV scanning library was disclosed: A vulnerabilit...

CVE-2022-37434CRITICAL9.8ten sam produkt

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large g...

CVE-2020-7465CRITICAL9.8ten sam produkt

The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP cont...

CVE-2025-48707HIGH7.5ten sam produkt

An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information cou...

CVE-2023-34198HIGH7.3ten sam produkt

In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25...