Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield endpoint security vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-45091
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.
Stormshield Endpoint Security 2.1.1
Stormshield Endpoint Security 2.1.0
NA
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
NA
CVE-2023-35799
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.
Stormshield Endpoint Security
NA
CVE-2023-35800
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information res...
Stormshield Endpoint Security
4.6
CVSSv2
CVE-2021-35957
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones.
Stormshield Endpoint Security
2.3
CVSSv2
CVE-2021-45089
Stormshield Endpoint Security 2.x prior to 2.1.2 has Incorrect Access Control.
Stormshield Endpoint Security
10
CVSSv2
CVE-2021-45090
Stormshield Endpoint Security prior to 2.1.2 allows remote code execution.
Stormshield Endpoint Security
2.3
CVSSv2
CVE-2021-31220
SES Evolution prior to 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
Stormshield Endpoint Security
2.9
CVSSv2
CVE-2021-31221
SES Evolution prior to 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
2.9
CVSSv2
CVE-2021-31222
SES Evolution prior to 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36954
CVE-2024-36933
CVE-2024-24919
CVE-2024-36923
CVE-2024-2961
CVE-2024-36925
bypass
encryption
command injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »