Resolved vulnerabilities in SNS 4.6.3

Internal authentication service on the firewall (HTTPS)

A high severity vulnerability was fixed in the firewall's internal authentication service (HTTPS).

Details on this vulnerability can be found on our website https://advisories.stormshield.eu/2023-004.

Compression of HTTPS pages

A high severity vulnerability was fixed in the HTTPS page compression mechanism.

Details on this vulnerability can be found on our website https://advisories.stormshield.eu/2023-003.

Internal authentication service on the firewall (SSH)

A high severity vulnerability was fixed in the firewall's internal authentication service (SSH).

Details on this vulnerability can be found on our website https://advisories.stormshield.eu/2023-005.

ClamAV antivirus

A moderate severity vulnerability was fixed in ClamAV.

Details on this vulnerability can be found on our website https://advisories.stormshield.eu/2022-027.

OpenSSL

Several vulnerabilities were fixed in OpenSSL.

Details on these vulnerabilities can be found on our website:

• https://advisories.stormshield.eu/2023-008 (low severity),
• https://advisories.stormshield.eu/2023-009 (moderate severity),
• https://advisories.stormshield.eu/2023-010 (low severity).

SIP protocol

A high severity vulnerability was fixed in the SIP protocol analysis engine.

Details on this vulnerability can be found on our website: https://advisories.stormshield.eu/2023-007.