Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield endpoint security vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv3
CVE-2021-45091
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.
Stormshield Endpoint Security 2.1.1
Stormshield Endpoint Security 2.1.0
5.9
CVSSv3
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
5.7
CVSSv3
CVE-2021-31221
SES Evolution prior to 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
7.3
CVSSv3
CVE-2021-31225
SES Evolution prior to 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
5.5
CVSSv3
CVE-2023-35799
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.
Stormshield Endpoint Security
4.3
CVSSv3
CVE-2023-35800
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information res...
Stormshield Endpoint Security
9.8
CVSSv3
CVE-2021-45090
Stormshield Endpoint Security prior to 2.1.2 allows remote code execution.
Stormshield Endpoint Security
5.5
CVSSv3
CVE-2023-23561
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
Stormshield Endpoint Security
5.2
CVSSv3
CVE-2021-45089
Stormshield Endpoint Security 2.x prior to 2.1.2 has Incorrect Access Control.
Stormshield Endpoint Security
6.7
CVSSv3
CVE-2021-35957
Stormshield Endpoint Security Evolution 2.0.0 up to and including 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones.
Stormshield Endpoint Security
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
man-in-the-middle
CVE-2024-34558
CVE-2024-32674
CVE-2024-34351
XPath injection
CVE-2023-45866
CVE-2024-25528
CVE-2024-25517
path traversal
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »