Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield endpoint security vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-45091
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.
Stormshield Endpoint Security 2.1.1
Stormshield Endpoint Security 2.1.0
5.9
CVSSv3
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
5.2
CVSSv3
CVE-2021-45089
Stormshield Endpoint Security 2.x prior to 2.1.2 has Incorrect Access Control.
Stormshield Endpoint Security
5.5
CVSSv3
CVE-2023-35799
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.
Stormshield Endpoint Security
4.3
CVSSv3
CVE-2023-35800
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information res...
Stormshield Endpoint Security
9.8
CVSSv3
CVE-2021-45090
Stormshield Endpoint Security prior to 2.1.2 allows remote code execution.
Stormshield Endpoint Security
5.5
CVSSv3
CVE-2023-23561
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
Stormshield Endpoint Security
4.3
CVSSv3
CVE-2023-23562
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters.
Stormshield Endpoint Security
5.2
CVSSv3
CVE-2021-31220
SES Evolution prior to 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
Stormshield Endpoint Security
5.7
CVSSv3
CVE-2021-31221
SES Evolution prior to 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »