CVE-2023-41166 Information

Description

An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39 3.11.0 through 3.11.27 4.3.0 through 4.3.22 4.6.0 through 4.6.9 and 4.7.0 through 4.7.1. It’s possible to know if a specific user account exists on the SNS firewall by using remote access commands.

Reference

https://advisories.stormshield.eu/2023-027