Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators.
References
Link | Resource |
---|---|
https://advisories.stormshield.eu | Vendor Advisory |
https://advisories.stormshield.eu/2023-021/ | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-06-27T00:00:00
Updated: 2023-06-27T00:00:00
Reserved: 2023-06-17T00:00:00
Link: CVE-2023-35800
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-27T17:15:10.170
Modified: 2023-07-05T13:40:17.047
Link: CVE-2023-35800
JSON object: View
Redhat Information
No data.
CWE