A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included)
There is a possible leak of secret information if administration commands have been passed with the CLI command line tool.
Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://advisories.stormshield.eu/2025-007/ |
|
History
Thu, 02 Jul 2026 10:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Stormshield
Stormshield stormshield Network Security |
|
| Vendors & Products |
Stormshield
Stormshield stormshield Network Security |
Thu, 02 Jul 2026 09:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included) There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password. | |
| Title | Information leak in NSRPC client history | |
| Weaknesses | CWE-532 | |
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: airbus
Published:
Updated: 2026-07-02T08:42:56.777Z
Reserved: 2026-05-13T14:04:22.661Z
Link: CVE-2026-8482
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-02T10:30:15Z