Описание
An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 4.3.13 (включая) до 4.3.23 (исключая)Версия от 4.6.0 (включая) до 4.6.10 (исключая)Версия от 4.7.0 (включая) до 4.7.2 (исключая)
Одно из
cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*
cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*
cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:*
EPSS
Процентиль: 40%
0.00179
Низкий
7.5 High
CVSS3
Дефекты
CWE-120
CWE-120
Связанные уязвимости
CVSS3: 7.5
github
около 2 лет назад
An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker can overflow the cookie threshold, making an IPsec connection impossible.
EPSS
Процентиль: 40%
0.00179
Низкий
7.5 High
CVSS3
Дефекты
CWE-120
CWE-120