← volver
CVE-2026-8482

Information leak in NSRPC client history

CVSS 4.3 MEDIUMCWE-532
Vexday Risk Score
10Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.3EPSS KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
02 jul 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included) There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password.
CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N