CVE-2022-30279

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
12/05/2022
Last modified:
20/08/2024

Description

An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:stormshield:stormshield_network_security:*:*:*:*:*:*:*:* 4.3.3 (including) 4.3.8 (excluding)


References to Advisories, Solutions, and Tools