CVE-2021-3384

A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. This affects versions 2.0.0 to 2.7.7, 2.8.0 to 2.16.0, 3.0.0 to 3.7.16, 3.8.0 to 3.11.4, and 4.0.0 to 4.1.5. Fixed in versions 2.7.8, 3.7.17, 3.11.5, and 4.2.0.

Published: Mar 2, 2021
Updated: Apr 14, 2023
CVE: CVE-2021-3384
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
stormshield / stormshield_network_security	2.8.0	2.16.0.x
stormshield / stormshield_network_security	4.0.0	4.1.5
stormshield / stormshield_network_security	3.0.0	3.7.17.x
stormshield / stormshield_network_security	2.0.0	2.7.8
stormshield / stormshield_network_security	3.8.0	3.11.5.x

https://advisories.stormshield.eu/2020-049/

Vulnerability Database

289,689

CVE-2021-3384