Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield endpoint security vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-45091
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.
Stormshield Endpoint Security 2.1.1
Stormshield Endpoint Security 2.1.0
NA
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
2.3
CVSSv2
CVE-2021-45089
Stormshield Endpoint Security 2.x prior to 2.1.2 has Incorrect Access Control.
Stormshield Endpoint Security
10
CVSSv2
CVE-2021-45090
Stormshield Endpoint Security prior to 2.1.2 allows remote code execution.
Stormshield Endpoint Security
NA
CVE-2023-23561
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
Stormshield Endpoint Security
NA
CVE-2023-23562
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters.
Stormshield Endpoint Security
NA
CVE-2023-35799
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.
Stormshield Endpoint Security
NA
CVE-2023-35800
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information res...
Stormshield Endpoint Security
4.6
CVSSv2
CVE-2021-35957
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones.
Stormshield Endpoint Security
2.3
CVSSv2
CVE-2021-31220
SES Evolution prior to 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
Stormshield Endpoint Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »