CVE-2021-31220
First published: Tue Jul 13 2021(Updated: )
SES Evolution before 2.1.0 allows modifying security policies by leveraging access of a user having read-only access to security policies.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield Endpoint Security | >=2.0.0<=2.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-31220?
CVE-2021-31220 is a vulnerability in SES Evolution before version 2.1.0 that allows modifying security policies by leveraging access of a user with read-only access to security policies.
How severe is CVE-2021-31220?
CVE-2021-31220 has a severity rating of 5.2, which is considered medium.
What software is affected by CVE-2021-31220?
Stormshield Endpoint Security versions 2.0.0 to 2.0.2 are affected by CVE-2021-31220.
How can the security policies be modified in SES Evolution?
The security policies in SES Evolution can be modified by leveraging the access of a user with read-only access to security policies.
How can I fix CVE-2021-31220?
To fix CVE-2021-31220, it is recommended to upgrade to version 2.1.0 of SES Evolution.
- collector/nvd-index
- vendor/stormshield
- canonical/stormshield endpoint security
- version/stormshield endpoint security/2.0.0
- version/stormshield endpoint security/2.0.2