CVE-2023-47093 — MEDIUM (6.5)

Q: What is CVE-2023-47093?

CVE-2023-47093 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.

Q: How severe is CVE-2023-47093?

CVE-2023-47093 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-47093?

Check the references section above for vendor advisories and patch information. Affected products include: Stormshield Stormshield Network Security.

Vulnerability Description

An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.

CVSS Score

6.5

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Stormshield	Stormshield Network Security	>= 4.0.0, < 4.3.22

References

https://advisories.stormshield.eu/2023-031/Vendor Advisory
https://advisories.stormshield.eu/2023-031/Vendor Advisory

FAQ

What is CVE-2023-47093?

CVE-2023-47093 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered in Stormshield Network Security (SNS) 4.0.0 through 4.3.21, 4.4.0 through 4.6.8, and 4.7.0. Sending a crafted ICMP packet may lead to a crash of the ASQ engine.

How severe is CVE-2023-47093?

CVE-2023-47093 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-47093?

Check the references section above for vendor advisories and patch information. Affected products include: Stormshield Stormshield Network Security.