An issue was discovered in Stormshield Network Security (SNS) before 4.3.17, 4.4.x through 4.6.x before 4.6.4, and 4.7.x before 4.7.1. It affects user accounts for which the password has an equals sign or space character. The serverd process logs such passwords in cleartext, and potentially sends these logs to the Syslog component.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://advisories.stormshield.eu/2023-006 |
History
Tue, 20 Aug 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Stormshield stormshield Network Security
|
|
CPEs | cpe:2.3:a:stormshield:network_security:4.7.0:*:*:*:*:*:*:* |
cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:* cpe:2.3:a:stormshield:stormshield_network_security:4.7.0:*:*:*:*:*:*:* |
Vendors & Products |
Stormshield network Security
|
Stormshield stormshield Network Security
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2023-12-26T00:00:00
Updated: 2024-08-02T13:43:22.975Z
Reserved: 2023-03-19T00:00:00
Link: CVE-2023-28616
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-12-26T04:15:07.790
Modified: 2024-11-21T07:55:40.477
Link: CVE-2023-28616
Redhat
No data.