Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stormshield endpoint security vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2021-45091
Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.
Stormshield Endpoint Security 2.1.1
Stormshield Endpoint Security 2.1.0
NA
CVE-2022-4304
A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of ...
Openssl Openssl
Stormshield Stormshield Network Security
Stormshield Endpoint Security
Stormshield Sslvpn
1 Github repository
NA
CVE-2023-23562
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters.
Stormshield Endpoint Security
2.3
CVSSv2
CVE-2021-31220
SES Evolution prior to 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
Stormshield Endpoint Security
2.9
CVSSv2
CVE-2021-31222
SES Evolution prior to 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
4.3
CVSSv2
CVE-2021-31225
SES Evolution prior to 2.1.0 allows deleting some resources not currently in use by any security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
NA
CVE-2023-23561
Stormshield Endpoint Security 2.3.0 up to and including 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
Stormshield Endpoint Security
2.3
CVSSv2
CVE-2021-45089
Stormshield Endpoint Security 2.x prior to 2.1.2 has Incorrect Access Control.
Stormshield Endpoint Security
10
CVSSv2
CVE-2021-45090
Stormshield Endpoint Security prior to 2.1.2 allows remote code execution.
Stormshield Endpoint Security
2.9
CVSSv2
CVE-2021-31221
SES Evolution prior to 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed.
Stormshield Endpoint Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »