cvelistv5 - cve-2016-6590

CVE-2016-6590 (GCVE-0-2016-6590)

Vulnerability from cvelistv5 – Published: 2020-01-08 15:43 – Updated: 2024-08-06 01:36

Summary

A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.

Severity ?

No CVSS data available.

CWE

untrusted search path

Assigner

symantec

References

URL

Tags

	http://www.securityfocus.com/bid/94279	x_refsource_MISC
	http://www.securitytracker.com/id/1037302	x_refsource_MISC
	https://support.symantec.com/us/en/article.symsa1…	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

Symantec

IT Management Suite

Affected: 8.0 prior to 8.0 HF4 and 7.6 prior to 7.6 HF7

Symantec	Ghost Solution Suite	Affected: 3.1 prior to 3.1 MP4
Symantec	Symantec Endpoint Virtualization	Affected: 7.x prior to 7.6 HF
Symantec	Encryption Desktop	Affected: 0.x prior to 10.4.1 Affected: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T01:36:28.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/94279"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037302"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.symantec.com/us/en/article.symsa1385.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IT Management Suite",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "8.0 prior to 8.0 HF4 and  7.6 prior to 7.6 HF7"
            }
          ]
        },
        {
          "product": "Ghost Solution Suite",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "3.1 prior to 3.1 MP4"
            }
          ]
        },
        {
          "product": "Symantec Endpoint Virtualization",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "7.x  prior to 7.6 HF"
            }
          ]
        },
        {
          "product": "Encryption Desktop",
          "vendor": "Symantec",
          "versions": [
            {
              "status": "affected",
              "version": "0.x prior to 10.4.1"
            },
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-11-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "untrusted search path",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-01-08T15:43:33",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securityfocus.com/bid/94279"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.securitytracker.com/id/1037302"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.symantec.com/us/en/article.symsa1385.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "ID": "CVE-2016-6590",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "IT Management Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "8.0 prior to 8.0 HF4 and  7.6 prior to 7.6 HF7"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Ghost Solution Suite",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "3.1 prior to 3.1 MP4"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Symantec Endpoint Virtualization",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "7.x  prior to 7.6 HF"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "Encryption Desktop",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "0.x prior to 10.4.1"
                          },
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Symantec"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "untrusted search path"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.securityfocus.com/bid/94279",
              "refsource": "MISC",
              "url": "http://www.securityfocus.com/bid/94279"
            },
            {
              "name": "http://www.securitytracker.com/id/1037302",
              "refsource": "MISC",
              "url": "http://www.securitytracker.com/id/1037302"
            },
            {
              "name": "https://support.symantec.com/us/en/article.symsa1385.html",
              "refsource": "CONFIRM",
              "url": "https://support.symantec.com/us/en/article.symsa1385.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2016-6590",
    "datePublished": "2020-01-08T15:43:33",
    "dateReserved": "2016-08-03T00:00:00",
    "dateUpdated": "2024-08-06T01:36:28.532Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:encryption_desktop:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"10.0.0\", \"versionEndExcluding\": \"10.4.1\", \"matchCriteriaId\": \"8A8D6248-A467-42E3-91FB-5DDF0D7F569C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_encryption:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.6\", \"matchCriteriaId\": \"796EE952-7B18-4F2D-A1A7-529A7127C5F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_encryption:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AB53496E-9E66-4FB2-A86F-C6153A163305\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:ghost_solution_suite:3.1:-:*:*:*:*:*:*\", \"matchCriteriaId\": \"2DC2C82A-C0DE-48E0-B805-49F26D523168\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack1:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3068E0D-EEF2-4D63-AE0D-54025DBD78F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack2:*:*:*:*:*:*\", \"matchCriteriaId\": \"90A390EB-8DB2-4626-88A1-63E55BEEE716\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack3:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3B6CC37-2CE2-4F6B-BE0A-50124B09D085\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:it_management_suite:7.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4F07D13E-7BAC-41E8-8774-6278ED4947CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:it_management_suite:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D879F92-4706-4D48-BD87-BA689C59E786\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de escalada de privilegios cuando se cargan bibliotecas DLL durante el arranque y el reinicio en Symantec IT Management Suite versiones 8.0 anteriores a la versi\\u00f3n  8.0 HF4 y Suite versiones 7.6 anteriores a la versi\\u00f3n  7.6 HF7, Symantec Ghost Solution Suite versiones 3.1 anteriores a la versi\\u00f3n  3.1 MP4, Symantec Endpoint Virtualization versiones 7.x anteriores a la versi\\u00f3n 7.6 HF7 y Symantec Encryption Desktop versiones 10.x anteriores a la versi\\u00f3n 10.4.1, lo que podr\\u00eda permitir a un usuario malicioso local ejecutar c\\u00f3digo arbitrario.\"}]",
      "id": "CVE-2016-6590",
      "lastModified": "2024-11-21T02:56:23.577",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.4, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2020-01-08T16:15:10.517",
      "references": "[{\"url\": \"http://www.securityfocus.com/bid/94279\", \"source\": \"secure@symantec.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037302\", \"source\": \"secure@symantec.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.symantec.com/us/en/article.symsa1385.html\", \"source\": \"secure@symantec.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94279\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037302\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.symantec.com/us/en/article.symsa1385.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@symantec.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2016-6590\",\"sourceIdentifier\":\"secure@symantec.com\",\"published\":\"2020-01-08T16:15:10.517\",\"lastModified\":\"2024-11-21T02:56:23.577\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de escalada de privilegios cuando se cargan bibliotecas DLL durante el arranque y el reinicio en Symantec IT Management Suite versiones 8.0 anteriores a la versi\u00f3n  8.0 HF4 y Suite versiones 7.6 anteriores a la versi\u00f3n  7.6 HF7, Symantec Ghost Solution Suite versiones 3.1 anteriores a la versi\u00f3n  3.1 MP4, Symantec Endpoint Virtualization versiones 7.x anteriores a la versi\u00f3n 7.6 HF7 y Symantec Encryption Desktop versiones 10.x anteriores a la versi\u00f3n 10.4.1, lo que podr\u00eda permitir a un usuario malicioso local ejecutar c\u00f3digo arbitrario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":4.4,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:encryption_desktop:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.0.0\",\"versionEndExcluding\":\"10.4.1\",\"matchCriteriaId\":\"8A8D6248-A467-42E3-91FB-5DDF0D7F569C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_encryption:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.6\",\"matchCriteriaId\":\"796EE952-7B18-4F2D-A1A7-529A7127C5F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_encryption:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AB53496E-9E66-4FB2-A86F-C6153A163305\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:ghost_solution_suite:3.1:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DC2C82A-C0DE-48E0-B805-49F26D523168\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack1:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3068E0D-EEF2-4D63-AE0D-54025DBD78F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack2:*:*:*:*:*:*\",\"matchCriteriaId\":\"90A390EB-8DB2-4626-88A1-63E55BEEE716\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack3:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3B6CC37-2CE2-4F6B-BE0A-50124B09D085\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:it_management_suite:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4F07D13E-7BAC-41E8-8774-6278ED4947CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:it_management_suite:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D879F92-4706-4D48-BD87-BA689C59E786\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/94279\",\"source\":\"secure@symantec.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037302\",\"source\":\"secure@symantec.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.symantec.com/us/en/article.symsa1385.html\",\"source\":\"secure@symantec.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94279\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037302\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.symantec.com/us/en/article.symsa1385.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

CERTFR-2016-AVI-380

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans les produits Symantec. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec IT Management Suite 8.0 (ITMS) sans le correctif de sécurité HF4
Symantec	N/A	Symantec Endpoint Virtualization (SEV) versions 7.x antérieures à 7.6 HF7
Symantec	N/A	Symantec Ghost Solution Suite 3.1 (GSS) sans le correctif de sécurité MP4

References

Title

Publication Time

Tags

Bulletin de sécurité Symantec du 15 novembre 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec IT Management Suite 8.0 (ITMS) sans le correctif de s\u00e9curit\u00e9 HF4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Endpoint Virtualization (SEV) versions 7.x ant\u00e9rieures \u00e0 7.6 HF7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Ghost Solution Suite 3.1 (GSS) sans le correctif de s\u00e9curit\u00e9 MP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-6590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6590"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-380",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-11-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eles produits\nSymantec\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution\nde code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Symantec",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec du 15 novembre 2016",
      "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161115_00"
    }
  ]
}

CERTFR-2016-AVI-380

Vulnerability from certfr_avis - Published: - Updated:

Une vulnérabilité a été corrigée dans les produits Symantec. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Symantec	N/A	Symantec IT Management Suite 8.0 (ITMS) sans le correctif de sécurité HF4
Symantec	N/A	Symantec Endpoint Virtualization (SEV) versions 7.x antérieures à 7.6 HF7
Symantec	N/A	Symantec Ghost Solution Suite 3.1 (GSS) sans le correctif de sécurité MP4

References

Title

Publication Time

Tags

Bulletin de sécurité Symantec du 15 novembre 2016

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Symantec IT Management Suite 8.0 (ITMS) sans le correctif de s\u00e9curit\u00e9 HF4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Endpoint Virtualization (SEV) versions 7.x ant\u00e9rieures \u00e0 7.6 HF7",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    },
    {
      "description": "Symantec Ghost Solution Suite 3.1 (GSS) sans le correctif de s\u00e9curit\u00e9 MP4",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Symantec",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-6590",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-6590"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-380",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-11-16T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans \u003cspan class=\"textit\"\u003eles produits\nSymantec\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution\nde code arbitraire \u00e0 distance.\n",
  "title": "Vuln\u00e9rabilit\u00e9 dans les produits Symantec",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Symantec du 15 novembre 2016",
      "url": "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161115_00"
    }
  ]
}

FKIE_CVE-2016-6590

Vulnerability from fkie_nvd - Published: 2020-01-08 16:15 - Updated: 2024-11-21 02:56

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@symantec.com	http://www.securityfocus.com/bid/94279	Third Party Advisory, VDB Entry
secure@symantec.com	http://www.securitytracker.com/id/1037302	Third Party Advisory, VDB Entry
secure@symantec.com	https://support.symantec.com/us/en/article.symsa1385.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/94279	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1037302	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://support.symantec.com/us/en/article.symsa1385.html	Vendor Advisory

Impacted products

Vendor	Product	Version
symantec	encryption_desktop	*
symantec	endpoint_encryption	*
symantec	endpoint_encryption	7.6
symantec	ghost_solution_suite	3.1
symantec	ghost_solution_suite	3.1
symantec	ghost_solution_suite	3.1
symantec	ghost_solution_suite	3.1
symantec	it_management_suite	7.6
symantec	it_management_suite	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:symantec:encryption_desktop:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A8D6248-A467-42E3-91FB-5DDF0D7F569C",
              "versionEndExcluding": "10.4.1",
              "versionStartIncluding": "10.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:endpoint_encryption:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "796EE952-7B18-4F2D-A1A7-529A7127C5F5",
              "versionEndExcluding": "7.6",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:endpoint_encryption:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB53496E-9E66-4FB2-A86F-C6153A163305",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "2DC2C82A-C0DE-48E0-B805-49F26D523168",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack1:*:*:*:*:*:*",
              "matchCriteriaId": "A3068E0D-EEF2-4D63-AE0D-54025DBD78F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack2:*:*:*:*:*:*",
              "matchCriteriaId": "90A390EB-8DB2-4626-88A1-63E55BEEE716",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack3:*:*:*:*:*:*",
              "matchCriteriaId": "A3B6CC37-2CE2-4F6B-BE0A-50124B09D085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:it_management_suite:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F07D13E-7BAC-41E8-8774-6278ED4947CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:symantec:it_management_suite:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D879F92-4706-4D48-BD87-BA689C59E786",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
    },
    {
      "lang": "es",
      "value": "Existe una vulnerabilidad de escalada de privilegios cuando se cargan bibliotecas DLL durante el arranque y el reinicio en Symantec IT Management Suite versiones 8.0 anteriores a la versi\u00f3n  8.0 HF4 y Suite versiones 7.6 anteriores a la versi\u00f3n  7.6 HF7, Symantec Ghost Solution Suite versiones 3.1 anteriores a la versi\u00f3n  3.1 MP4, Symantec Endpoint Virtualization versiones 7.x anteriores a la versi\u00f3n 7.6 HF7 y Symantec Encryption Desktop versiones 10.x anteriores a la versi\u00f3n 10.4.1, lo que podr\u00eda permitir a un usuario malicioso local ejecutar c\u00f3digo arbitrario."
    }
  ],
  "id": "CVE-2016-6590",
  "lastModified": "2024-11-21T02:56:23.577",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2020-01-08T16:15:10.517",
  "references": [
    {
      "source": "secure@symantec.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94279"
    },
    {
      "source": "secure@symantec.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037302"
    },
    {
      "source": "secure@symantec.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.symantec.com/us/en/article.symsa1385.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/94279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1037302"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://support.symantec.com/us/en/article.symsa1385.html"
    }
  ],
  "sourceIdentifier": "secure@symantec.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-269"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-7J42-GGV7-2P5P

Vulnerability from github – Published: 2022-05-24 17:05 – Updated: 2022-05-24 17:05

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2016-6590"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2020-01-08T16:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.",
  "id": "GHSA-7j42-ggv7-2p5p",
  "modified": "2022-05-24T17:05:45Z",
  "published": "2022-05-24T17:05:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-6590"
    },
    {
      "type": "WEB",
      "url": "https://support.symantec.com/us/en/article.symsa1385.html"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/94279"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id/1037302"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

CNVD-2016-11375

Vulnerability from cnvd - Published: 2016-11-22

Title

多款Symantec产品DLL加载本地权限提升漏洞

Description

Symantec IT Management Suite是款用于减少企业IT资产管理的成本和复杂度的套件。Symantec Ghost Solution Suite是解决了跨平台磁盘映像和部署需求。多款Symantec产品存在DLL加载本地权限提升漏洞。本地攻击者可以利用漏洞在受影响的应用程序的上下文中执行任意代码。

Severity

高

Patch Name

多款Symantec产品DLL加载本地权限提升漏洞的补丁

Patch Description

Symantec IT Management Suite是款用于减少企业IT资产管理的成本和复杂度的套件。多款Symantec产品存在DLL加载本地权限提升漏洞。本地攻击者可以利用漏洞在受影响的应用程序的上下文中执行任意代码。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

用户可参考如下供应商提供的安全公告获得补丁信息： https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161115_00

Reference

http://www.securityfocus.com/bid/94279 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20161115_00

Impacted products

Name
['Symantec IT Management Suite 8.0', 'Symantec Ghost Solution Suite 3.1', 'Symantec Endpoint Virtualization 7.x']

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "94279"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2016-6590"
    }
  },
  "description": "Symantec IT Management Suite\u662f\u6b3e\u7528\u4e8e\u51cf\u5c11\u4f01\u4e1aIT\u8d44\u4ea7\u7ba1\u7406\u7684\u6210\u672c\u548c\u590d\u6742\u5ea6\u7684\u5957\u4ef6\u3002Symantec Ghost Solution Suite\u662f\u89e3\u51b3\u4e86\u8de8\u5e73\u53f0\u78c1\u76d8\u6620\u50cf\u548c\u90e8\u7f72\u9700\u6c42\u3002\r\n\r\n\u591a\u6b3eSymantec\u4ea7\u54c1\u5b58\u5728DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "discovererName": "Himanshu Mehta",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u4f9b\u5e94\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u5f97\u8865\u4e01\u4fe1\u606f\uff1a\r\nhttps://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161115_00",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-11375",
  "openTime": "2016-11-22",
  "patchDescription": "Symantec IT Management Suite\u662f\u6b3e\u7528\u4e8e\u51cf\u5c11\u4f01\u4e1aIT\u8d44\u4ea7\u7ba1\u7406\u7684\u6210\u672c\u548c\u590d\u6742\u5ea6\u7684\u5957\u4ef6\u3002\r\n\r\n\u591a\u6b3eSymantec\u4ea7\u54c1\u5b58\u5728DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u4ee5\u5229\u7528\u6f0f\u6d1e\u5728\u53d7\u5f71\u54cd\u7684\u5e94\u7528\u7a0b\u5e8f\u7684\u4e0a\u4e0b\u6587\u4e2d\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "\u591a\u6b3eSymantec\u4ea7\u54c1DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Symantec  IT Management Suite 8.0",
      "Symantec Ghost Solution Suite 3.1",
      "Symantec Endpoint Virtualization 7.x"
    ]
  },
  "referenceLink": "http://www.securityfocus.com/bid/94279\r\nhttps://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory\u0026pvid=security_advisory\u0026year=\u0026suid=20161115_00",
  "serverity": "\u9ad8",
  "submitTime": "2016-11-17",
  "title": "\u591a\u6b3eSymantec\u4ea7\u54c1DLL\u52a0\u8f7d\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e"
}

GSD-2016-6590

Vulnerability from gsd - Updated: 2023-12-13 01:21

Details

Aliases

CVE-2016-6590

Aliases

CVE-2016-6590

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2016-6590",
    "description": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.",
    "id": "GSD-2016-6590"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2016-6590"
      ],
      "details": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code.",
      "id": "GSD-2016-6590",
      "modified": "2023-12-13T01:21:23.912651Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@symantec.com",
        "ID": "CVE-2016-6590",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "IT Management Suite",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "8.0 prior to 8.0 HF4 and  7.6 prior to 7.6 HF7"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Ghost Solution Suite",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "3.1 prior to 3.1 MP4"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Symantec Endpoint Virtualization",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "7.x  prior to 7.6 HF"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "Encryption Desktop",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "0.x prior to 10.4.1"
                        },
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Symantec"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "untrusted search path"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://www.securityfocus.com/bid/94279",
            "refsource": "MISC",
            "url": "http://www.securityfocus.com/bid/94279"
          },
          {
            "name": "http://www.securitytracker.com/id/1037302",
            "refsource": "MISC",
            "url": "http://www.securitytracker.com/id/1037302"
          },
          {
            "name": "https://support.symantec.com/us/en/article.symsa1385.html",
            "refsource": "CONFIRM",
            "url": "https://support.symantec.com/us/en/article.symsa1385.html"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:symantec:encryption_desktop:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.4.1",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:endpoint_encryption:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.6",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:endpoint_encryption:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:ghost_solution_suite:3.1:maintenance_pack3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:it_management_suite:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:symantec:it_management_suite:8.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "ID": "CVE-2016-6590"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A privilege escalation vulnerability exists when loading DLLs during boot up and reboot in Symantec IT Management Suite 8.0 prior to 8.0 HF4 and Suite 7.6 prior to 7.6 HF7, Symantec Ghost Solution Suite 3.1 prior to 3.1 MP4, Symantec Endpoint Virtualization 7.x prior to 7.6 HF7, and Symantec Encryption Desktop 10.x prior to 10.4.1, which could let a local malicious user execute arbitrary code."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-269"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.securityfocus.com/bid/94279",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/94279"
            },
            {
              "name": "http://www.securitytracker.com/id/1037302",
              "refsource": "MISC",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1037302"
            },
            {
              "name": "https://support.symantec.com/us/en/article.symsa1385.html",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://support.symantec.com/us/en/article.symsa1385.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.4,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.4,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2020-01-21T14:24Z",
      "publishedDate": "2020-01-08T16:15Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2016-6590 (GCVE-0-2016-6590)

CERTFR-2016-AVI-380

Solution

CERTFR-2016-AVI-380

Solution

FKIE_CVE-2016-6590

GHSA-7J42-GGV7-2P5P

CNVD-2016-11375

GSD-2016-6590

Tags

Sightings

Nomenclature