CVE-2021-31222
First published: Tue Jul 13 2021(Updated: )
SES Evolution before 2.1.0 allows updating some parts of a security policy by leveraging access to a computer having the administration console installed.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Stormshield Endpoint Security | >=2.0.0<=2.0.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2021-31222?
CVE-2021-31222 is a vulnerability that allows updating some parts of a security policy in SES Evolution before 2.1.0 by leveraging access to a computer with the administration console installed.
What is the severity of CVE-2021-31222?
CVE-2021-31222 has a severity rating of 5.7, which is considered medium.
What software is affected by CVE-2021-31222?
The software affected by CVE-2021-31222 is Stormshield Endpoint Security (SES) Evolution versions 2.0.0 to 2.0.2.
How can the vulnerability CVE-2021-31222 be exploited?
CVE-2021-31222 can be exploited by leveraging access to a computer with the administration console installed to update certain parts of a security policy.
Is there a fix available for CVE-2021-31222?
Yes, updating SES Evolution to version 2.1.0 or later will fix the vulnerability CVE-2021-31222.
- collector/nvd-index
- vendor/stormshield
- canonical/stormshield endpoint security
- version/stormshield endpoint security/2.0.0
- version/stormshield endpoint security/2.0.2