Vulnerabilities > Stormshield > Endpoint Security > 2.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-27 | CVE-2023-35799 | Incorrect Permission Assignment for Critical Resource vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. | 5.5 |
| 2023-06-27 | CVE-2023-35800 | Incorrect Permission Assignment for Critical Resource vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. | 4.3 |
| 2023-02-08 | CVE-2022-4304 | Information Exposure Through Discrepancy vulnerability in multiple products A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. | 5.9 |
| 2021-12-21 | CVE-2021-45089 | Unspecified vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control. low complexity stormshield | 5.2 |
| 2021-12-21 | CVE-2021-45090 | Unspecified vulnerability in Stormshield Endpoint Security Stormshield Endpoint Security before 2.1.2 allows remote code execution. | 9.8 |
| 2021-07-13 | CVE-2021-31220 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies. low complexity stormshield | 5.2 |
| 2021-07-13 | CVE-2021-31221 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed. low complexity stormshield | 5.7 |
| 2021-07-13 | CVE-2021-31222 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed. low complexity stormshield | 5.7 |
| 2021-07-13 | CVE-2021-31223 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed. low complexity stormshield | 5.7 |
| 2021-07-13 | CVE-2021-31224 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies. low complexity stormshield | 3.5 |