Broken access control

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2024-024 CVE-2024-39706 03/09/2024 low v1

Vulnerability details

A vulnerability has been identified in the web administration interface for SNS products. An administrator can write some of the configuration settings even if another user with administration rights is logged in with write access privileges.

Impacted products

ProductsSeverityDetail
Stormshield Network Security low SNS is impacted

Revisions

Version Date Description
v1 07/15/2024 Initial release
v2 09/24/2024 Update and Disclosed


Stormshield Network Security

CVSS v3.1 Overall Score: 1.5      

Analysis

Impacted version

The SNS web interface allows only to have one administrator with writing access at the same time. If a user with administration privileges wants to perform writing operations while another administrator has the lock, it’s impossible to write. However some commands can be executed despite of the lock.

 

  • SNS 4.8.2
  • SNS 4.6.0 to 4.7.6
  • SNS 4.3.0 to 4.3.27
  • SNS 3.11.0 to 3.11.29
  • SNS 3.7.0 to 3.7.41

Workaround solution

Solution

There is no workaround solution.

The following versions fix this vulnerability:

  • 4.8.3
  • 4.7.7
  • 4.3.28
  • 3.11.30
  • 3.7.42

 



Attack Vector Attack Complexity Privileges Required User Interaction Scope Confidentiality Impact Integrity Impact Availability impact
Local Low High None Unchanged None Low None
CVSS Base score: 2.3 CVSS Vector: (AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N)
Exploit Code Maturity Remediation Level Report Confidence
Proof of concept code Official fix Confirmed
CVSS Temporal score: 2.1 CVSS Vector: (AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C)
Confidentiality Requirement Integrity Requirement Availability Requirement
Medium Low Low
CVSS Environmental score: 1.5 CVSS Vector: (AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C/CR:M/IR:L/AR:L/MAV:X/MAC:X/MPR:X/MUI:X/MS:X/MC:X/MI:X/MA:X)


Acknowledgements

This vulnerability has been discovered by researchers nicovell3 and borgi.