A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included)
There is a possible leak of secret information if administration commands have been passed with the CLI command line tool.
Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://advisories.stormshield.eu/2025-007/ |
|
History
Sat, 04 Jul 2026 02:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Thu, 02 Jul 2026 10:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Stormshield
Stormshield stormshield Network Security |
|
| Vendors & Products |
Stormshield
Stormshield stormshield Network Security |
Thu, 02 Jul 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included) There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password. | |
| Title | Information leak in NSRPC client history | |
| Weaknesses | CWE-532 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: airbus
Published: 2026-07-02T08:42:56.777Z
Updated: 2026-07-02T12:20:17.839Z
Reserved: 2026-05-13T14:04:22.661Z
Link: CVE-2026-8482
Updated: 2026-07-02T12:20:09.475Z
No data.
No data.