Search criteria
213 vulnerabilities found for endpoint_protection by symantec
FKIE_CVE-2020-5836
Vulnerability from fkie_nvd - Published: 2020-05-11 20:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BD7B93-C5F6-4FA1-B450-E54B62F01C5D",
"versionEndExcluding": "14.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, versiones anteriores a 14.3, puede potencialmente restablecer las ACL en un archivo como un usuario limitado, mientras la funcionalidad Tamper Protection de Symantec Endpoint Protection es desactivada."
}
],
"id": "CVE-2020-5836",
"lastModified": "2024-11-21T05:34:40.337",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-11T20:15:12.337",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5837
Vulnerability from fkie_nvd - Published: 2020-05-11 20:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| symantec | endpoint_protection | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A9BD7B93-C5F6-4FA1-B450-E54B62F01C5D",
"versionEndExcluding": "14.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection, versiones anteriores a 14.3, puede no respetar los permisos de archivo cuando se escriben en archivos de registro que son reemplazados por enlaces simb\u00f3licos, lo que puede conllevar a una potencial elevaci\u00f3n de privilegios."
}
],
"id": "CVE-2020-5837",
"lastModified": "2024-11-21T05:34:40.433",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-11T20:15:12.417",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-59"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5826
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad fuera de l\u00edmites, que es un tipo de problema que resulta en que una aplicaci\u00f3n existente lea la memoria fuera de los l\u00edmites de la memoria que ha sido asignada al programa."
}
],
"id": "CVE-2020-5826",
"lastModified": "2024-11-21T05:34:39.330",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:17.073",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5825
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escritura de archivos arbitraria, que es un tipo de problema por el cual un atacante es capaz de sobrescribir archivos existentes sobre el sistema residente sin los privilegios apropiados."
}
],
"id": "CVE-2020-5825",
"lastModified": "2024-11-21T05:34:39.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.997",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5822
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2020-5822",
"lastModified": "2024-11-21T05:34:38.893",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.747",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5824
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de denegaci\u00f3n de servicio, que es un tipo de problema por el cual un actor de amenaza intenta vincular los recursos de una aplicaci\u00f3n residente, haciendo de esta manera que determinadas funciones no est\u00e9n disponibles."
}
],
"id": "CVE-2020-5824",
"lastModified": "2024-11-21T05:34:39.113",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.900",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5820
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2020-5820",
"lastModified": "2024-11-21T05:34:38.650",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.543",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5821
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de inyecci\u00f3n DLL, que es un tipo de problema por el cual un individuo intenta ejecutar su propio c\u00f3digo en lugar de un c\u00f3digo leg\u00edtimo como un medio para llevar a cabo una explotaci\u00f3n."
}
],
"id": "CVE-2020-5821",
"lastModified": "2024-11-21T05:34:38.783",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.650",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-5823
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2020-5823",
"lastModified": "2024-11-21T05:34:39.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.823",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-5311
Vulnerability from fkie_nvd - Published: 2020-01-09 20:15 - Updated: 2024-11-21 02:54
Severity ?
Summary
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99BAFC5B-CF3B-4B6E-A9FF-4426FB4F1C36",
"versionEndExcluding": "22.8.0.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3DB3235B-B116-477F-A615-CA4D725A4102",
"versionEndExcluding": "22.8.0.50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_360:*:*:*:*:*:*:*:*",
"matchCriteriaId": "FB28D86F-DCDE-4034-B166-B3932FB6830D",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2725D6BB-F411-4A0F-A68F-A40AE3D76F51",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_antivirus_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "70D5D6E1-4E7C-44B9-8CC8-1B0EB5ADD462",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_family:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BFB88FB9-8802-4902-B430-4D4F77ECFB0A",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_internet_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "03C6560F-041D-4BDB-A857-359F22C93C60",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security:*:*:*:*:*:*:*:*",
"matchCriteriaId": "93566F86-6E3B-4C8F-8CA5-6C1662AEEDED",
"versionEndExcluding": "22.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:norton_security_with_backup:*:*:*:*:*:*:*:*",
"matchCriteriaId": "53AAF3FD-F59A-4F2D-80E7-2D415C28431C",
"versionEndExcluding": "22.7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
},
{
"lang": "es",
"value": "Se presenta una vulnerabilidad de escalada de privilegios en Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud y Endpoint Protection Cloud Client, debido a una precarga de DLL sin restricciones de ruta, que podr\u00eda permitir a un usuario malicioso local obtener privilegios system."
}
],
"id": "CVE-2016-5311",
"lastModified": "2024-11-21T02:54:04.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-01-09T20:15:11.163",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"source": "secure@symantec.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-427"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-5837 (GCVE-0-2020-5837)
Vulnerability from cvelistv5 – Published: 2020-05-11 19:25 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection |
Affected:
Prior to 14.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T19:25:45",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762",
"refsource": "MISC",
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5837",
"datePublished": "2020-05-11T19:25:45",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5836 (GCVE-0-2020-5836)
Vulnerability from cvelistv5 – Published: 2020-05-11 19:23 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection |
Affected:
Prior to 14.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T19:23:11",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762",
"refsource": "MISC",
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5836",
"datePublished": "2020-05-11T19:23:11",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5826 (GCVE-0-2020-5826)
Vulnerability from cvelistv5 – Published: 2020-02-11 17:09 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
Severity ?
No CVSS data available.
CWE
- Out of Bounds
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:09:08",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5826",
"datePublished": "2020-02-11T17:09:08",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5825 (GCVE-0-2020-5825)
Vulnerability from cvelistv5 – Published: 2020-02-11 17:07 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
Severity ?
No CVSS data available.
CWE
- Arbitrary File Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary File Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:31",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary File Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5825",
"datePublished": "2020-02-11T17:07:31",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5824 (GCVE-0-2020-5824)
Vulnerability from cvelistv5 – Published: 2020-02-11 17:07 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:04",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5824",
"datePublished": "2020-02-11T17:07:04",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5823 (GCVE-0-2020-5823)
Vulnerability from cvelistv5 – Published: 2020-02-11 17:04 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:40",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5823",
"datePublished": "2020-02-11T17:04:40",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5822 (GCVE-0-2020-5822)
Vulnerability from cvelistv5 – Published: 2020-02-11 17:04 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:33",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5822",
"datePublished": "2020-02-11T17:04:33",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5821 (GCVE-0-2020-5821)
Vulnerability from cvelistv5 – Published: 2020-02-11 17:02 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.
Severity ?
No CVSS data available.
CWE
- DLL Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:02:06",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5821",
"datePublished": "2020-02-11T17:02:07",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5820 (GCVE-0-2020-5820)
Vulnerability from cvelistv5 – Published: 2020-02-11 17:01 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:01:32",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5820",
"datePublished": "2020-02-11T17:01:32",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5311 (GCVE-0-2016-5311)
Vulnerability from cvelistv5 – Published: 2020-01-09 19:30 – Updated: 2024-08-06 01:00
VLAI?
Summary
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
Severity ?
No CVSS data available.
CWE
- untrusted search path
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Symantec | Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360 |
Affected:
before 22.7
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:58.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
"vendor": "Symantec",
"versions": [
{
"status": "affected",
"version": "before 22.7"
}
]
},
{
"product": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
"vendor": "Symantec",
"versions": [
{
"status": "affected",
"version": "before 22.8.0.50"
}
]
}
],
"datePublic": "2016-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "untrusted search path",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-09T19:30:52",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-5311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
"version": {
"version_data": [
{
"version_value": "before 22.7"
}
]
}
},
{
"product_name": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
"version": {
"version_data": [
{
"version_value": "before 22.8.0.50"
}
]
}
}
]
},
"vendor_name": "Symantec"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "untrusted search path"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/94295",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/94295"
},
{
"name": "http://www.securitytracker.com/id/1037323",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037323"
},
{
"name": "http://www.securitytracker.com/id/1037324",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037324"
},
{
"name": "http://www.securitytracker.com/id/1037325",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037325"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-5311",
"datePublished": "2020-01-09T19:30:52",
"dateReserved": "2016-06-06T00:00:00",
"dateUpdated": "2024-08-06T01:00:58.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5837 (GCVE-0-2020-5837)
Vulnerability from nvd – Published: 2020-05-11 19:25 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection |
Affected:
Prior to 14.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T19:25:45",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5837",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762",
"refsource": "MISC",
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5837",
"datePublished": "2020-05-11T19:25:45",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5836 (GCVE-0-2020-5836)
Vulnerability from nvd – Published: 2020-05-11 19:23 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection's Tamper Protection feature is disabled.
Severity ?
No CVSS data available.
CWE
- Elevation of Privilege
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection |
Affected:
Prior to 14.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.917Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-11T19:23:11",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5836",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection",
"version": {
"version_data": [
{
"version_value": "Prior to 14.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited user while Symantec Endpoint Protection\u0027s Tamper Protection feature is disabled."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762",
"refsource": "MISC",
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5836",
"datePublished": "2020-05-11T19:23:11",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.917Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5826 (GCVE-0-2020-5826)
Vulnerability from nvd – Published: 2020-02-11 17:09 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
Severity ?
No CVSS data available.
CWE
- Out of Bounds
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:09:08",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5826",
"datePublished": "2020-02-11T17:09:08",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5825 (GCVE-0-2020-5825)
Vulnerability from nvd – Published: 2020-02-11 17:07 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
Severity ?
No CVSS data available.
CWE
- Arbitrary File Write
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary File Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:31",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary File Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5825",
"datePublished": "2020-02-11T17:07:31",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5824 (GCVE-0-2020-5824)
Vulnerability from nvd – Published: 2020-02-11 17:07 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.
Severity ?
No CVSS data available.
CWE
- Denial of Service
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:04",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5824",
"datePublished": "2020-02-11T17:07:04",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5823 (GCVE-0-2020-5823)
Vulnerability from nvd – Published: 2020-02-11 17:04 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:40",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5823",
"datePublished": "2020-02-11T17:04:40",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5822 (GCVE-0-2020-5822)
Vulnerability from nvd – Published: 2020-02-11 17:04 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:33",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5822",
"datePublished": "2020-02-11T17:04:33",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5821 (GCVE-0-2020-5821)
Vulnerability from nvd – Published: 2020-02-11 17:02 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.
Severity ?
No CVSS data available.
CWE
- DLL Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:02:06",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5821",
"datePublished": "2020-02-11T17:02:07",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5820 (GCVE-0-2020-5820)
Vulnerability from nvd – Published: 2020-02-11 17:01 – Updated: 2024-08-04 08:39
VLAI?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
Severity ?
No CVSS data available.
CWE
- Privilege Escalation
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Affected:
Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:01:32",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5820",
"datePublished": "2020-02-11T17:01:32",
"dateReserved": "2020-01-06T00:00:00",
"dateUpdated": "2024-08-04T08:39:25.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-5311 (GCVE-0-2016-5311)
Vulnerability from nvd – Published: 2020-01-09 19:30 – Updated: 2024-08-06 01:00
VLAI?
Summary
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
Severity ?
No CVSS data available.
CWE
- untrusted search path
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Symantec | Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360 |
Affected:
before 22.7
|
|||||||
|
|||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:00:58.618Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
"vendor": "Symantec",
"versions": [
{
"status": "affected",
"version": "before 22.7"
}
]
},
{
"product": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
"vendor": "Symantec",
"versions": [
{
"status": "affected",
"version": "before 22.8.0.50"
}
]
}
],
"datePublic": "2016-08-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "untrusted search path",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-01-09T19:30:52",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securityfocus.com/bid/94295"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037323"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037324"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securitytracker.com/id/1037325"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2016-5311",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360",
"version": {
"version_data": [
{
"version_value": "before 22.7"
}
]
}
},
{
"product_name": "Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client",
"version": {
"version_data": [
{
"version_value": "before 22.8.0.50"
}
]
}
}
]
},
"vendor_name": "Symantec"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "untrusted search path"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.securityfocus.com/bid/94295",
"refsource": "MISC",
"url": "http://www.securityfocus.com/bid/94295"
},
{
"name": "http://www.securitytracker.com/id/1037323",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037323"
},
{
"name": "http://www.securitytracker.com/id/1037324",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037324"
},
{
"name": "http://www.securitytracker.com/id/1037325",
"refsource": "MISC",
"url": "http://www.securitytracker.com/id/1037325"
},
{
"name": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00",
"refsource": "CONFIRM",
"url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161117_00"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2016-5311",
"datePublished": "2020-01-09T19:30:52",
"dateReserved": "2016-06-06T00:00:00",
"dateUpdated": "2024-08-06T01:00:58.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}