Vulnerability: Unauthorized Duplication of Security Policies in SES Evolution before 2.1.0

Vulnerability: Unauthorized Duplication of Security Policies in SES Evolution before 2.1.0

CVE-2021-31224 · LOW Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies.

Learn more about our User Device Pen Test.