CPE-0917C295-C96E-4A48-9D57-EA843D826322 Detail

CPE Details

Stormshield Endpoint Security (SES) 2.1.0

Vendor

stormshield

Product

endpoint_security

Version

2.1.0

Created

2021-07-14
12h19 +00:00

Modified

2021-08-17
13h32 +00:00

Official links

CPE NVD

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Notifications manage

List of Notifications

Alerte pour un CPE

Stay informed of any changes for a specific CPE.

Parameters

You can specify a title that will be retrieved in the alerts that will be sent out.

CPE ID

Planning

Month

Next run calculation

Day

Weekday

Hour

Minute

Creation date

Last execution

Next execution

Functionality requiring a connection

This feature, which allows you to receive alerts, is only active when you are logged into your account.

CPE Name: cpe:2.3:a:stormshield:endpoint_security:2.1.0:::::::*

Informations

Vendor

stormshield

Product

endpoint_security

Version

2.1.0

Related CVE

Open and find in CVE List

CVE ID	Published	Description	Score	Severity
CVE-2023-35799	2023-06-26 22h00 +00:00	Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.	5.5	Medium
CVE-2023-35800	2023-06-26 22h00 +00:00	Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators.	4.3	Medium
CVE-2022-4304	2023-02-08 19h04 +00:00	A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.	5.9	Medium
CVE-2021-45090	2021-12-21 14h17 +00:00	Stormshield Endpoint Security before 2.1.2 allows remote code execution.	9.8	Critical
CVE-2021-45089	2021-12-21 14h15 +00:00	Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Control.	5.2	Medium
CVE-2021-45091	2021-12-21 14h10 +00:00	Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access Control.	4.3	Medium

Stormshield Endpoint Security (SES) 2.1.0

CPE Details

CPE Name: cpe:2.3:a:stormshield:endpoint_security:2.1.0:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:stormshield:endpoint_security:2.1.0:::::::*