SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Information Disclosure
Endpoint Security
NVD
CVSS 3.1
3.5
EPSS
0.3%