CVE-2018-12244 (GCVE-0-2018-12244)

Vulnerability from cvelistv5 – Published: 2019-04-25 18:49 – Updated: 2024-08-05 08:30
VLAI?
Summary
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
Severity ?
No CVSS data available.
CWE
  • CSV/DDE Injection
Assigner
References
Impacted products
Vendor Product Version
Symantec Corporation Symantec Endpoint Protection (Mac Client) Affected: Prior to and including 12.1 RU6 MP9
Affected: Prior to 14.2 RU1
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:59.637Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
          },
          {
            "name": "107999",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "https://www.securityfocus.com/bid/107999"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Symantec Endpoint Protection (Mac Client)",
          "vendor": "Symantec Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Prior to and including 12.1 RU6 MP9"
            },
            {
              "status": "affected",
              "version": "Prior to 14.2 RU1"
            }
          ]
        }
      ],
      "datePublic": "2019-04-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "CSV/DDE Injection",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-25T18:49:02",
        "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
        "shortName": "symantec"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
        },
        {
          "name": "107999",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "https://www.securityfocus.com/bid/107999"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@symantec.com",
          "ID": "CVE-2018-12244",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Symantec Endpoint Protection (Mac Client)",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Prior to and including 12.1 RU6 MP9"
                          },
                          {
                            "version_value": "Prior to 14.2 RU1"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Symantec Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CSV/DDE Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://support.symantec.com/en_US/article.SYMSA1479.html",
              "refsource": "MISC",
              "url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
            },
            {
              "name": "107999",
              "refsource": "BID",
              "url": "https://www.securityfocus.com/bid/107999"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
    "assignerShortName": "symantec",
    "cveId": "CVE-2018-12244",
    "datePublished": "2019-04-25T18:49:02",
    "dateReserved": "2018-06-12T00:00:00",
    "dateUpdated": "2024-08-05T08:30:59.637Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:macos:*:*\", \"matchCriteriaId\": \"A8A8E8C7-7764-4500-B43C-909B98CBA969\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"709E0F00-6004-4230-AA2E-AEB92CF47510\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"E903F167-3A44-4EB0-BCAF-C863F8A41DD5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:macos:*:*\", \"matchCriteriaId\": \"BA478022-5812-4A42-90B9-3B71EE228EE0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:macos:*:*\", \"matchCriteriaId\": \"A296C87D-A8A1-4062-959A-5C9B599EA33C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"55B28F0F-FE43-49EB-AC85-6D2D0D44BA74\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:macos:*:*\", \"matchCriteriaId\": \"CEEA6E9A-749A-4522-A863-922161294F28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:macos:*:*\", \"matchCriteriaId\": \"F2D88CB1-F85B-4748-8841-7BF640629393\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"F51FBC9D-DC97-4D7C-86E5-94754618BB77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"FE14BAFD-6FF1-4331-A3B2-B4C950CA06FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:macos:*:*\", \"matchCriteriaId\": \"85CB007A-ACCE-4686-8E90-31E3B082ACD0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:macos:*:*\", \"matchCriteriaId\": \"013A829A-8152-4894-B973-444E13CDE29B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:macos:*:*\", \"matchCriteriaId\": \"AF5594FB-DA31-4A7B-8B90-C697182AF076\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"F7195A0A-0F18-4656-88F1-0E1D91D2B61C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"A8DFC842-93FF-4127-A51C-681B375AE68F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:macos:*:*\", \"matchCriteriaId\": \"C7315DB1-E602-428E-ABB2-348592B6AE7D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:macos:*:*\", \"matchCriteriaId\": \"6F6A4FCD-11EA-4B0B-9365-B0EE33DC2830\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:11.0:ry7-mp3:*:*:*:macos:*:*\", \"matchCriteriaId\": \"B60284AB-99C9-4C01-A922-C2390E3EEA47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:macos:*:*\", \"matchCriteriaId\": \"424BF82D-C5C6-443C-BA09-FFFB9C2AD6DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"34EBB08C-E229-4912-A3EA-902741FB06CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"DE256B6B-4659-4C5F-AB6D-E40EC1655965\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"6514C8BD-21B8-492D-8355-DC80A2B654BE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"24D20516-7157-41DA-B9BE-A6F63E9A9747\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:macos:*:*\", \"matchCriteriaId\": \"A4973190-0937-4755-BC62-51ECD0F1F504\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:macos:*:*\", \"matchCriteriaId\": \"CA51772D-6124-4912-8809-233FD099F18E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"A756CC75-DBE3-4684-86C6-C7C0FE125CC2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:macos:*:*\", \"matchCriteriaId\": \"03CBF80C-E1A3-45AC-8533-032F457DFB32\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:macos:*:*\", \"matchCriteriaId\": \"8258DAC4-06D6-400E-B495-D5CD8D7F7DC4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:macos:*:*\", \"matchCriteriaId\": \"85CA5B27-7C43-428D-ADD6-C328ECBCCFA3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:macos:*:*\", \"matchCriteriaId\": \"198182A8-8C17-4857-9F86-716A55534D5C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:macos:*:*\", \"matchCriteriaId\": \"EF909ABB-DD72-4C5B-A6E5-907AFA0AF6B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"8324432F-0C0E-430E-8968-939ABC77509C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp10:*:*:*:macos:*:*\", \"matchCriteriaId\": \"D69E0630-5996-443B-B3ED-11989B9F0786\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"669932CB-FB88-464D-9C4C-87A2110A4858\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"E15367F1-2862-41C7-949F-2E73F20DD4ED\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:macos:*:*\", \"matchCriteriaId\": \"CB162A18-8B37-4889-A323-0D193BF32054\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:mac_os_x:*:*\", \"matchCriteriaId\": \"6C946083-49DC-427F-A521-04BD35A145E3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:macos:*:*\", \"matchCriteriaId\": \"7D6E6D44-7525-4F24-AEC8-C68236FED9DB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:macos:*:*\", \"matchCriteriaId\": \"6E6C6EEA-EB45-400D-8C06-36F4B6148784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:macos:*:*\", \"matchCriteriaId\": \"AC3590F2-D283-432A-931B-246A6749434C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14:*:*:*:*:macos:*:*\", \"matchCriteriaId\": \"F1CB8890-4908-406C-8361-017BD5775A8D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14:mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"57A39944-B16B-439B-BEA5-8581C7F174A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"53450424-1777-48DA-AD09-C87C68E137B5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14.0.1:*:*:*:*:macos:*:*\", \"matchCriteriaId\": \"B4281F2E-A9BB-4361-A548-BB7B2A57DAD6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"3BBE781F-7095-4FA6-AC9C-3F6566AC3CEF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:macos:*:*\", \"matchCriteriaId\": \"525C399E-827F-4A35-A894-51992E467665\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14.2:*:*:*:*:macos:*:*\", \"matchCriteriaId\": \"FB0E93FC-B698-42B0-BF06-A3E42CE695D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:macos:*:*\", \"matchCriteriaId\": \"8C705203-5A9B-434F-AC78-82D50292686E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.\"}, {\"lang\": \"es\", \"value\": \"SEP (cliente Mac) versiones anteriores a la 12.1 incluida, RU6 MP9 en versiones anteriores a 14.2 RU1 puede ser susceptible a una vulnerabilidad de inyecci\\u00f3n CSV/DDE (tambi\\u00e9n conocida como formula injection), es un tipo de problema por el cual una aplicaci\\u00f3n o sitio web permite la entrada de datos no confiables en los archivos CSV.\"}]",
      "id": "CVE-2018-12244",
      "lastModified": "2024-11-21T03:44:51.010",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:P/I:P/A:P\", \"baseScore\": 6.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2019-04-25T19:29:00.283",
      "references": "[{\"url\": \"https://support.symantec.com/en_US/article.SYMSA1479.html\", \"source\": \"secure@symantec.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.securityfocus.com/bid/107999\", \"source\": \"secure@symantec.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://support.symantec.com/en_US/article.SYMSA1479.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.securityfocus.com/bid/107999\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "secure@symantec.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-1236\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-12244\",\"sourceIdentifier\":\"secure@symantec.com\",\"published\":\"2019-04-25T19:29:00.283\",\"lastModified\":\"2024-11-21T03:44:51.010\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.\"},{\"lang\":\"es\",\"value\":\"SEP (cliente Mac) versiones anteriores a la 12.1 incluida, RU6 MP9 en versiones anteriores a 14.2 RU1 puede ser susceptible a una vulnerabilidad de inyecci\u00f3n CSV/DDE (tambi\u00e9n conocida como formula injection), es un tipo de problema por el cual una aplicaci\u00f3n o sitio web permite la entrada de datos no confiables en los archivos CSV.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":3.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1236\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:macos:*:*\",\"matchCriteriaId\":\"A8A8E8C7-7764-4500-B43C-909B98CBA969\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"709E0F00-6004-4230-AA2E-AEB92CF47510\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"E903F167-3A44-4EB0-BCAF-C863F8A41DD5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:macos:*:*\",\"matchCriteriaId\":\"BA478022-5812-4A42-90B9-3B71EE228EE0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:macos:*:*\",\"matchCriteriaId\":\"A296C87D-A8A1-4062-959A-5C9B599EA33C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"55B28F0F-FE43-49EB-AC85-6D2D0D44BA74\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:macos:*:*\",\"matchCriteriaId\":\"CEEA6E9A-749A-4522-A863-922161294F28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:macos:*:*\",\"matchCriteriaId\":\"F2D88CB1-F85B-4748-8841-7BF640629393\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"F51FBC9D-DC97-4D7C-86E5-94754618BB77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"FE14BAFD-6FF1-4331-A3B2-B4C950CA06FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:macos:*:*\",\"matchCriteriaId\":\"85CB007A-ACCE-4686-8E90-31E3B082ACD0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:macos:*:*\",\"matchCriteriaId\":\"013A829A-8152-4894-B973-444E13CDE29B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:macos:*:*\",\"matchCriteriaId\":\"AF5594FB-DA31-4A7B-8B90-C697182AF076\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"F7195A0A-0F18-4656-88F1-0E1D91D2B61C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"A8DFC842-93FF-4127-A51C-681B375AE68F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:macos:*:*\",\"matchCriteriaId\":\"C7315DB1-E602-428E-ABB2-348592B6AE7D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:macos:*:*\",\"matchCriteriaId\":\"6F6A4FCD-11EA-4B0B-9365-B0EE33DC2830\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:11.0:ry7-mp3:*:*:*:macos:*:*\",\"matchCriteriaId\":\"B60284AB-99C9-4C01-A922-C2390E3EEA47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:macos:*:*\",\"matchCriteriaId\":\"424BF82D-C5C6-443C-BA09-FFFB9C2AD6DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"34EBB08C-E229-4912-A3EA-902741FB06CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"DE256B6B-4659-4C5F-AB6D-E40EC1655965\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"6514C8BD-21B8-492D-8355-DC80A2B654BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"24D20516-7157-41DA-B9BE-A6F63E9A9747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:macos:*:*\",\"matchCriteriaId\":\"A4973190-0937-4755-BC62-51ECD0F1F504\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:macos:*:*\",\"matchCriteriaId\":\"CA51772D-6124-4912-8809-233FD099F18E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"A756CC75-DBE3-4684-86C6-C7C0FE125CC2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:macos:*:*\",\"matchCriteriaId\":\"03CBF80C-E1A3-45AC-8533-032F457DFB32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:macos:*:*\",\"matchCriteriaId\":\"8258DAC4-06D6-400E-B495-D5CD8D7F7DC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:macos:*:*\",\"matchCriteriaId\":\"85CA5B27-7C43-428D-ADD6-C328ECBCCFA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:macos:*:*\",\"matchCriteriaId\":\"198182A8-8C17-4857-9F86-716A55534D5C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:macos:*:*\",\"matchCriteriaId\":\"EF909ABB-DD72-4C5B-A6E5-907AFA0AF6B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"8324432F-0C0E-430E-8968-939ABC77509C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp10:*:*:*:macos:*:*\",\"matchCriteriaId\":\"D69E0630-5996-443B-B3ED-11989B9F0786\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"669932CB-FB88-464D-9C4C-87A2110A4858\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"E15367F1-2862-41C7-949F-2E73F20DD4ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:macos:*:*\",\"matchCriteriaId\":\"CB162A18-8B37-4889-A323-0D193BF32054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:mac_os_x:*:*\",\"matchCriteriaId\":\"6C946083-49DC-427F-A521-04BD35A145E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:macos:*:*\",\"matchCriteriaId\":\"7D6E6D44-7525-4F24-AEC8-C68236FED9DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:macos:*:*\",\"matchCriteriaId\":\"6E6C6EEA-EB45-400D-8C06-36F4B6148784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:macos:*:*\",\"matchCriteriaId\":\"AC3590F2-D283-432A-931B-246A6749434C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14:*:*:*:*:macos:*:*\",\"matchCriteriaId\":\"F1CB8890-4908-406C-8361-017BD5775A8D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14:mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"57A39944-B16B-439B-BEA5-8581C7F174A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"53450424-1777-48DA-AD09-C87C68E137B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14.0.1:*:*:*:*:macos:*:*\",\"matchCriteriaId\":\"B4281F2E-A9BB-4361-A548-BB7B2A57DAD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"3BBE781F-7095-4FA6-AC9C-3F6566AC3CEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:macos:*:*\",\"matchCriteriaId\":\"525C399E-827F-4A35-A894-51992E467665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14.2:*:*:*:*:macos:*:*\",\"matchCriteriaId\":\"FB0E93FC-B698-42B0-BF06-A3E42CE695D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:macos:*:*\",\"matchCriteriaId\":\"8C705203-5A9B-434F-AC78-82D50292686E\"}]}]}],\"references\":[{\"url\":\"https://support.symantec.com/en_US/article.SYMSA1479.html\",\"source\":\"secure@symantec.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.securityfocus.com/bid/107999\",\"source\":\"secure@symantec.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.symantec.com/en_US/article.SYMSA1479.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.securityfocus.com/bid/107999\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.