CVE Tools

stormshield

Networking Infrastructurecommercial

43

Cumulative CVEs

9

Monthly snapshots

#55

Peak rank

Top products

stormshield network security6

Latest CVEs

The 15 most recently published vulnerabilities affecting stormshield.

CVE-2026-8474Possible to run a Cross Site Scripting request on the login API available on Stormshield SNS appliances.5.3Jun 1, 2026
CVE-2025-48707An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information could, in some HA use cases, be shared among administrators, which can cause secret sharing.7.5Sep 25, 2025
CVE-2023-28616An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals ...7.5Dec 26, 2023
CVE-2023-47091An issue was discovered in Stormshield Network Security (SNS) SNS 4.3.13 through 4.3.22 before 4.3.23, SNS 4.6.0 through 4.6.9 before 4.6.10, and SNS 4.7.0 through 4.7.1 before 4.7.2. An attacker c...7.5Dec 25, 2023
CVE-2023-41165An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.11.27, 4.0 through 4.3.21 before 4.3.22, and 4.4.0 through 4.6.8 be...4.8Dec 25, 2023
CVE-2023-34198In Stormshield Network Security (SNS) 1.0.0 through 3.7.36 before 3.7.37, 3.8.0 through 3.11.24 before 3.11.25, 4.0.0 through 4.3.18 before 4.3.19, 4.4.0 through 4.6.5 before 4.6.6, and 4.7.0 befor...7.3Dec 25, 2023
CVE-2023-47093An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.6.5Dec 20, 2023
CVE-2023-41166An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know...5.3Dec 20, 2023
CVE-2023-26095ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet.7.5Aug 28, 2023
CVE-2022-46783An issue was discovered in Stormshield SSL VPN Client before 3.2.0. If multiple address books are used, an attacker may be able to access the other encrypted address book.5.3Aug 28, 2023
CVE-2021-27932Stormshield Network Security (SNS) VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions.7.8Aug 25, 2023
CVE-2020-11711An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin pan...4.8Aug 25, 2023
CVE-2022-46782An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator ...7.8Aug 5, 2023
CVE-2023-35800Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows inte...4.3Jun 27, 2023
CVE-2023-35799Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.5.5Jun 27, 2023