Lucene search
PRIOn knowledge basePRION:CVE-2023-28616HistoryDec 26, 2023 - 4:15 a.m.
Code injection
2023-12-2604:15:00
PRIOn knowledge base
www.prio-n.com
3
code injection
security issue
sns vulnerability
clear text logging
syslog component
An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component.
| CPE | Name | Operator | Version |
|---|---|---|---|
| network_security | eq | 4.7.0 | |
| network_security | ge | 4.4.0 | |
| network_security | lt | 4.6.4 | |
| network_security | ge | 2.7.0 | |
| network_security | lt | 4.3.17 |
References
Related
cve
cve
CVE-2023-28616
2023-12-26 04:15:07
cvelist
cvelist
CVE-2023-28616
2023-12-26 00:00:00
nvd
nvd
CVE-2023-28616
2023-12-26 04:15:07