CVE-2021-31617

CRITICAL

Stormshield Network Security <=4.2.2 - Remote Code Execution via ASQ Memory Mishandling

Title source: llm
STIX 2.1

Description

In ASQ in Stormshield Network Security (SNS) 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2, mishandling of memory management can lead to remote code execution.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_misc
https://advisories.stormshield.eu/
Vendor Advisory x_refsource_misc
https://advisories.stormshield.eu/2021-020/

Scores

CVSS v3 9.8
EPSS 0.0209
EPSS Percentile 79.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
stormshield/stormshield_network_security 1.0.0 - 2.7.9
Published Jan 31, 2022
Tracked Since Feb 18, 2026