Design/Logic Flaw

2022-03-1521:15:00

PRIOn knowledge base

www.prio-n.com

7.3 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.5%

JSON

In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the blocking of almost all network traffic, making the firewall unreachable. An attacker could exploit this via forged and properly timed traffic to cause a denial of service.

CPENameOperatorVersion
network_securityge4.3.0
network_securitylt4.3.5
network_securityge4.0.0
network_securitylt4.2.10
network_securityge3.0.0
network_securitylt3.7.25
network_securityge3.8.0
network_securitylt3.11.13

Name	Operator	Version
network_security	ge	4.3.0
network_security	lt	4.3.5
network_security	ge	4.0.0
network_security	lt	4.2.10
network_security	ge	3.0.0
network_security	lt	3.7.25
network_security	ge	3.8.0
network_security	lt	3.11.13

References

advisories.stormshield.eu/2022-003