PT-2023-19042 · Stormshield · Stormshield Endpoint Security
Published
2023-05-31
·
Updated
2025-01-10
·
CVE-2023-23562
CVSS v3.1
4.3
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Stormshield Endpoint Security versions 2.3.0 through 2.3.2
Description
The issue is related to Incorrect Access Control, allowing an authenticated user to update global parameters.
Recommendations
For Stormshield Endpoint Security versions 2.3.0 through 2.3.2, consider restricting access to global parameters to prevent unauthorized updates until a patch is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Stormshield Endpoint Security