|Advisory ID||CVE Number||Date discovered||Severity||Advisory revision|
|STORM-2018-004||CVE-2017-17688 , CVE-2017-17689||05/13/2018||low||v1|
EFAIL describes vulnerabilities in the end-to-end encryption technologies OpenPGP and S/MIME that leak the plaintext of encrypted emails.
The two vulnerabilities, Direct Exfiltration and CBC/CFB Gadget Attack, could allow an attacker to exfiltrate sensitive data from encrypted emails.
|Stormshield Network Security||
|SNS does not use OpenPGP nor S/MIME|
|Stormshield Endpoint Security||
|SES does not use OpenPGP nor S/MIME|
|Stormshield Data Security||
|Stormshield Data Mail for Outlook uses specific mechanism to decrypt S/MIME and PGP emails and is consequently not vulnerable to Direct Exfiltration nor to the CBC/CFB Gadget Attacks|
|Fast does not use OpenPGP nor S/MIME|
|Netasq does not use OpenPGP nor S/MIME|