CVE-2026-8482
Information leak in NSRPC client history
Vexday Risk Score
10Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 4.3EPSS —KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
02 jul 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
A vulnerability was discovered on StormShield Network Security 4.3.0 to 4.3.41 (included), 4.8.0 to 4.8.15 (included) , 5.0.0 to 5.0.5 (included)
There is a possible leak of secret information if administration commands have been passed with the CLI command line tool.
Someone with SSH access to the firewall (if SSH multiuser mode is enabled) could possibly get the proxy CA passphrase or TPM password.
CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N
Productos afectados
Stormshield · Stormshield Network SecurityReferencias
https://advisories.stormshield.eu/2025-007/