cbcvebase.
CVE-2021-3384
published 2021-03-02

CVE-2021-3384: A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily…

PriorityP428medium5.3CVSS 3.1
AVNACLPRNUINSUCNINAL
EPSS
1.02%
58.9th percentile
A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. This affects versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0.0 to 3.7.16, 3.8.0 to 3.11.4, and 4.0.0 to 4.1.5. Fixed in versions 2.7.8, 3.7.17, 3.11.5, and 4.2.0.

Affected

5 ranges
VendorProductVersion rangeFixed in
stormshieldstormshield_network_security>= 2.0.0 < 2.7.82.7.8
stormshieldstormshield_network_security2.8.0 – 2.16.0
stormshieldstormshield_network_security3.0.0 – 3.7.17
stormshieldstormshield_network_security3.8.0 – 3.11.5
stormshieldstormshield_network_security>= 4.0.0 < 4.1.54.1.5

CVSS provenance

nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.