PT-2022-9882 · Stormshield · Stormshield Sns

Published

2022-01-27

Updated

2022-02-04

CVE-2021-28096

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Name of the Vulnerable Software and Affected Versions Stormshield SNS versions prior to 4.2.3

Description An issue allows an attacker to saturate the proxy connection table, resulting in the proxy denying any new connections when the proxy is used.

Recommendations For versions prior to 4.2.3, update to version 4.2.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the proxy connection table to minimize the risk of exploitation.

Fix

Allocation of Resources Without Limits

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-770

Related Identifiers

CVE-2021-28096

Affected Products

Stormshield Sns

PT-2022-9882 · Stormshield · Stormshield Sns

CVE-2021-28096

Weakness Enumeration

Related Identifiers

Affected Products

References · 4