All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-8480
MEDIUMpublished 2026-07-01 16:16 UTC · 3 days ago · modified 2026-07-01 19:59 UTC
4.3
CVSS / 10
// description
A vulnerability was discovered on Stormshield Network Security 4.3.0 to 4.3.41 (included), 4.4.0 to 4.8.15 (included) , 5.0.2 EA to 5.0.5 (included) A revoked client certificate can still be used to authenticate to the captive‑admin portal, allowing an attacker who possesses the revoked certificate to gain administrative access.
// weaknesses (CWE)
- CWE-295