← back
CVE-2026-8482

Information leak in NSRPC client history

CVSS 4.3 MEDIUMCWE-532
Vexday Risk Score
10Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 4.3EPSS KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included) There is a possible leak of secret information if administration commands have been passed with the CLI command line tool. Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password.
CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N