CVE-2021-28962

Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain privileges via CLI commands.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 72%
VendorProductVersion
stormshieldstormshield_network_security
2.5.0 ≤
𝑥
< 2.7.9
stormshieldstormshield_network_security
2.8.0 ≤
𝑥
< 3.7.21
stormshieldstormshield_network_security
3.8.0 ≤
𝑥
< 3.11.9
stormshieldstormshield_network_security
4.0.0 ≤
𝑥
< 4.2.2
𝑥
= Vulnerable software versions
References
https://advisories.stormshield.eu/
https://advisories.stormshield.eu/2021-007/
https://documentation.stormshield.eu/SNS/v4/en/Content/Release_Notes_SNS/Getting_Started_RNO.htm
https://advisories.stormshield.eu/
https://advisories.stormshield.eu/2021-007/
https://documentation.stormshield.eu/SNS/v4/en/Content/Release_Notes_SNS/Getting_Started_RNO.htm