CVE-2023-41166

2023-12-2000:00:00

mitre

www.cve.org

stormshield network security

firewall

remote access

5.6 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.0%

JSON

An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It’s possible to know if a specific user account exists on the SNS firewall by using remote access commands.

References

advisories.stormshield.eu/2023-027