Lucene search
MitreCVE-2023-35799HistoryJun 27, 2023 - 5:15 p.m.
CVE-2023-35799
2023-06-2717:15:10
CWE-732
mitre
web.nvd.nist.gov
13
cve-2023-35799
stormshield
endpoint security
evolution
insecure permissions
ses evolution agent
arbitrary files
local system privileges
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
5.5
Confidence
High
EPSS
0
Percentile
9.0%
Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.
Affected configurations
Node
stormshieldendpoint_securityRange2.0.0–2.3.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| stormshield | endpoint_security | * | cpe:2.3:a:stormshield:endpoint_security:*:*:*:*:*:*:*:* |
Related
ubuntucve
ubuntucve
CVE-2023-35799
2023-06-27 00:00:00
prion
prion
Code injection
2023-06-27 17:15:00
nvd
nvd
CVE-2023-35799
2023-06-27 17:15:10
cvelist
cvelist
CVE-2023-35799
2023-06-27 00:00:00
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
5.5
Confidence
High
EPSS
0
Percentile
9.0%
Related for CVE-2023-35799