Endpoint Security Tools
Approved changes feed: RSS · Atom
cpe:2.3:a:bitdefender:endpoint_security_tools:*:*:*:*:*:linux:*:*
part: a version: * update: *
| Vendor | Bitdefender (d5582d91-5be9-5b61-8324-642705c220ed) |
|---|---|
| Product | Endpoint Security Tools (23d5ca18-f89e-5ca8-b60d-c6f7c6caf565) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | linux |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-0677 |
vulnerable | 2026-06-03 14:45:56.620437 |
Improper Handling of Length Parameter Inconsistency vulnerability in Bitdefender Update Server (VA-10144)
HIGH (7.5)
Improper Handling of Length Parameter Inconsistency vulnerability in the Update Server component of Bitdefender Endpoint Security Tools (in relay role), GravityZone (in Update Server role) allows an attacker to cause a Denial-of-Service. This issue affects: Bitdefender Update Server versions prior to 3.4.0.276. Bitdefender GravityZone versions prior to 26.4-1. Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.171. Bitdefender Endpoint Security Tools for Windows versions prior to 7.4.1.111.
Published: 2022-04-07T18:21:34.788Z
Updated: 2024-09-16T22:02:25.418Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3554 |
vulnerable | 2026-06-03 14:45:11.791163 |
Improper Access Control vulnerability in the patchesUpdate API
CRITICAL (9)
Improper Access Control vulnerability in the patchesUpdate API as implemented in Bitdefender Endpoint Security Tools for Linux as a relay role allows an attacker to manipulate the remote address used for pulling patches. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.
Published: 2021-11-24T14:45:12.904Z
Updated: 2024-09-16T20:03:20.270Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3553 |
vulnerable | 2026-06-03 14:45:11.789135 |
Server-Side Request Forgery in EPPUpdateService remote config file (VA-9825)
MEDIUM (5.3)
A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateService of Bitdefender Endpoint Security Tools allows an attacker to use the Endpoint Protection relay as a proxy for any remote host. This issue affects: Bitdefender Endpoint Security Tools versions prior to 6.6.27.390; versions prior to 7.1.2.33. Bitdefender Unified Endpoint for Linux versions prior to 6.2.21.160. Bitdefender GravityZone versions prior to 6.24.1-1.
Published: 2021-11-24T14:45:20.276Z
Updated: 2024-09-17T01:25:41.833Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3485 |
vulnerable | 2026-06-03 14:45:11.493370 |
Improper Input Validation in Bitdefender Endpoint Security Tools for Linux
MEDIUM (6.4)
An Improper Input Validation vulnerability in the Product Update feature of Bitdefender Endpoint Security Tools for Linux allows a man-in-the-middle attacker to abuse the DownloadFile function of the Product Update to achieve remote code execution. This issue affects: Bitdefender Endpoint Security Tools for Linux versions prior to 6.2.21.155.
Published: 2021-05-24T13:30:17.816Z
Updated: 2024-09-16T16:28:38.711Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.