CVE-2023-23561
MEDIUMStormshield Endpoint Security < 2.4.1 - Origin Validation Error
Title source: ruleDescription
Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control: authenticated users can read sensitive information.
Scores
CVSS v3
5.5
EPSS
0.0005
EPSS Percentile
16.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Classification
CWE
CWE-346
Status
published
Affected Products (1)
stormshield/endpoint_security
< 2.4.1
Timeline
Published
May 30, 2023
Tracked Since
Feb 18, 2026