CVE-2020-8430: a fixed vulnerability on SNS

The Stormshield Network Security product has been affected by a vulnerability, concerning an open redirection on the captive portal. This vulnerability has been fixed with the latest versions of the product.

This vulnerability, referenced CVE-2020-8430 by the MITRE, has been traced by Digitemis French experts to our teams and fixed with the latest SNS versions 3.7.11, 3.10.1 and 4.0.2.

A Severity level Medium

This vulnerability could allow an attacker to redirect an administrator to a fake authentication page and thus potentially recover his credentials.

Impacted versions, workarounds, corrective solutions: all details are available on advisories.stormshield.eu.

Share on

Versions 3.7.11, 3.10.1 and 4.0.2 fix the vulnerability. If you haven't already done so, we recommend that you update your systems.

About the author

mm
Franck Bourguet
VP Engineering, Stormshield

Developer, consultant, technical project manager and now Director of Engineering: Franck has worn many different hats during his professional career. There's almost nothing this knowledgeable globe-trotter hasn't done in the world of transport, including the deployment of complex, large-scale systems. As Stormshield's Director of Engineering, Franck gives the product engineering teams the benefit of all his knowledge and methods, facilitates constructive communication between product teams, partners and customers.