SES update vulnerability

Advisory ID CVE Number Date discovered Severity Advisory revision
STORM-2015-003 05/04/2015 low v2

Vulnerability details

A vulnerability has been found in the update process of Stormshield Endpoint Security. It may allow an attacker to apply the default security policy instead of the policy defined by the customer.

Products

ProductSeverityDetail
Stormshield Network Security

None

Stormshield network security is not impacted
Stormshield Endpoint Security low A vulnerability has been found in the update process of Stormshield Endpoint Security. It may allow an attacker to apply the default security policy instead of the policy defined by the customer.
Stormshield Data Security

None

Stormshield Data security is not impacted
Fast360

None

Fast 360 is not impacted
Netasq

None

Netasq is not impacted

Revisions

Version Date Description
v2 05/12/2015 Official fix
v1 05/07/2015 Initial release

 



Stormshield Endpoint Security

CVSS Overall Score: 2      

Analysis

Impacted version

During the update process of a 7.1.x version of Stormshield Endpoint Security (SES) to the 7.2.0 version, updated agents may apply the default security policy instead of the intended policy defined by the customer.

This issue occurs when an agent downloads a security policy from a 7.2.0 server before updating itself to version 7.2.0. In this case, the default security policy will be applied when the agent updates to 7.2.0.

  • SES v7.2.00

Workaround solution

Solution

It is possible to force newly updated agents to apply the intended security policy by resynchronizing the security policy from the management console after the agents have been migrated to version 7.2.0 (the security policy must be modified in some way in order to generate a new version of the security policy).

7.2.01 update correcting this vulnerability is available since May 11th 2015.



Access vector Access complexity Authentication Confidentiality impact Integrity impact Availability impact
Local Low None Complete Complete None
CVSS Base score: 6.6 CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:N)
Exploitability Remediation Level Report Confidence
High Official fix Confirmed
CVSS Temporal score: 5.7 CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:N/E:H/RL:OF/RC:C)
Collateral Damage Potential Target Distribution
High Low [0-25%]
CVSS Environmental score: 2 CVSS Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:N/E:H/RL:OF/RC:C/CDP:H/TD:L)