Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators.
History

Mon, 02 Dec 2024 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-06-27T00:00:00

Updated: 2024-12-02T21:36:25.620Z

Reserved: 2023-06-17T00:00:00

Link: CVE-2023-35800

cve-icon Vulnrichment

Updated: 2024-08-02T16:30:45.332Z

cve-icon NVD

Status : Modified

Published: 2023-06-27T17:15:10.170

Modified: 2024-11-21T08:08:44.080

Link: CVE-2023-35800

cve-icon Redhat

No data.