Vulnerabilities > Stormshield > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-13 | CVE-2021-31220 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies. low complexity stormshield | 5.2 |
2021-07-13 | CVE-2021-31221 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows deleting some parts of a security policy by leveraging access to a computer having the administration console installed. low complexity stormshield | 5.7 |
2021-07-13 | CVE-2021-31222 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed. low complexity stormshield | 5.7 |
2021-07-13 | CVE-2021-31223 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows reading some parts of a security policy by leveraging access to a computer having the administration console installed. low complexity stormshield | 5.7 |
2021-07-13 | CVE-2021-35957 | Uncontrolled Search Path Element vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 Stormshield Endpoint Security Evolution 2.0.0 through 2.0.2 does not accomplish the intended defense against local administrators who can replace the Visual C++ runtime DLLs (in %WINDIR%\system32) with malicious ones. | 6.7 |
2021-03-19 | CVE-2021-27506 | The ClamAV Engine (version 0.103.1 and below) component embedded in Storsmshield Network Security (SNS) is subject to DoS in case of parsing of malformed png files. | 5.5 |
2021-03-02 | CVE-2021-3384 | Unspecified vulnerability in Stormshield Network Security A vulnerability in Stormshield Network Security could allow an attacker to trigger a protection related to ARP/NDP tables management, which would temporarily prevent the system to contact new hosts via IPv4 or IPv6. | 5.3 |
2020-04-13 | CVE-2020-8430 | Open Redirect vulnerability in Stormshield Network Security Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. | 6.1 |