FKIE_CVE-2020-5823
Vulnerability from fkie_nvd - Published: 2020-02-11 18:15 - Updated: 2024-11-21 05:34
Severity ?
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:-:*:*:*:*:*:*",
"matchCriteriaId": "FF3B36FF-5C26-4565-A23A-789D1158B867",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:*:*:*",
"matchCriteriaId": "C5DCB89C-80FD-45FE-AD93-6192A53B7563",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:*:*:*",
"matchCriteriaId": "06401D10-3664-4070-B2DB-232474264D81",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:*:*:*",
"matchCriteriaId": "2AD1793E-2D25-41F4-9E99-D0FC7A4F1551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:*:*:*",
"matchCriteriaId": "924E3111-CF09-43A8-96C9-A617FD839897",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "922A551D-0624-422F-ABB7-44168A985D4A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:*:*:*",
"matchCriteriaId": "89252C37-555E-4B73-95B5-6D8827F679CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "0E19B9F1-DDD6-40F0-840C-575DEDCB7416",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "C06118E9-B6F8-4DDD-A28F-09FF69C82067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "2FEAD5EE-45BB-4E9C-948D-1B8D695DDF82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:*:*:*",
"matchCriteriaId": "104B1371-BE9C-45F6-9579-0AA9B4097980",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:*:*:*",
"matchCriteriaId": "B5A7BFF4-D70C-44B2-BF64-CD655CC7EFCA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:*:*:*",
"matchCriteriaId": "93A60260-E495-448B-91CA-026E696A67EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp3:*:*:*:*:*:*",
"matchCriteriaId": "D2AA1BA0-F242-4E4E-BE52-003C5617D6DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:*:*:*",
"matchCriteriaId": "323F32E0-82FD-4F96-9CED-90D67AFE15FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:*:*:*",
"matchCriteriaId": "6E8B19CE-8C63-4EEB-A6B8-CC46A7CE15F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:*:*:*:*",
"matchCriteriaId": "BD54A6EB-AA9A-4AEF-901A-8108672A0E0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:*:*:*",
"matchCriteriaId": "2CB77AE7-55B2-40DC-B860-6AF02E3C1BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-p1:*:*:*:*:*:*",
"matchCriteriaId": "853104E0-92B7-4414-8912-0D8CDBBCF905",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:*:*:*",
"matchCriteriaId": "A957A7B6-D107-4784-8948-52317B3552BA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:*:*:*",
"matchCriteriaId": "E21ED16B-35C3-4754-94D8-C57F18CC9CDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:*:*:*",
"matchCriteriaId": "1F4C3A3A-9D7D-4AFB-B256-99102468843A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:*:*:*",
"matchCriteriaId": "6C1C08C5-4598-42C1-AEDE-EE85D8457175",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:*:*:*",
"matchCriteriaId": "66499F19-33EE-4280-9C47-9ECA04EDED1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:*:*:*",
"matchCriteriaId": "640E8481-AB57-470E-BFDC-6DD70A79337B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:*:*:*",
"matchCriteriaId": "95E7B32C-6614-44A7-AE9E-4F0D7EBE3559",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:*:*:*",
"matchCriteriaId": "1456573A-17DA-4EC5-A7B6-2371574336B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:*:*:*",
"matchCriteriaId": "31E46D5C-65C9-4D36-B230-F3F519C36015",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:*:*:*",
"matchCriteriaId": "A72E7D67-F3BD-404A-B9CB-6241AAE1D6F9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:*:*:*",
"matchCriteriaId": "1FB729C3-FECA-4CA1-8504-7A627EA34219",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:*:*:*",
"matchCriteriaId": "8F8781A1-AFF1-4F00-9951-D2EE57F423F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:*:*:*",
"matchCriteriaId": "5C8CC48B-A8BA-471D-8D32-F778F7C29C7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:*:*:*",
"matchCriteriaId": "25552D01-9EB4-4DEA-A8FE-618BB01FDDAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:*:*:*",
"matchCriteriaId": "DB283B1A-D3EC-46A6-893F-98F73D325C87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:*:*:*",
"matchCriteriaId": "9E0E94AA-26D9-4B14-8C12-ADD7BA262DB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:*:*:*",
"matchCriteriaId": "0B8B7847-FCF6-4A46-B515-CE7E5489E1E1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:*:*:*",
"matchCriteriaId": "FE626FA0-B277-4C6D-B2E9-A3DDD31D0E61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp9:*:*:*:*:*:*",
"matchCriteriaId": "AE01DAE4-7B10-4A1C-9401-769A1E72EBCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:-:*:*:*:*:*:*",
"matchCriteriaId": "C0592370-C2A7-459C-9A0D-16D180D1FA59",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp1:*:*:*:*:*:*",
"matchCriteriaId": "E8D921D0-9739-4A1D-82BC-7DC6C71BCBEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:*:*:*",
"matchCriteriaId": "19F9E1C6-D313-405C-BB84-59101D76897B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:-:*:*:*:*:*:*",
"matchCriteriaId": "7D5D05E3-D07F-495F-AF55-C6F43EA43524",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:*:*:*",
"matchCriteriaId": "33856A4A-9208-4197-A3CA-42BEC64113A1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:*:*:*",
"matchCriteriaId": "DEA0F4D4-EF6A-49F9-A1ED-51F654159E84",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:-:*:*:*:*:*:*",
"matchCriteriaId": "EC76BE02-C247-4929-8C0F-D3931E34E59C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:*:*:*",
"matchCriteriaId": "8B72B183-77B9-4C71-9851-5C370291B575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1:*:*:*:*:*:*",
"matchCriteriaId": "C1DD3F0E-48D3-46E8-9A01-6EC4D7B3A4E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru1_mp1:*:*:*:*:*:*",
"matchCriteriaId": "8239F4B8-F138-4A11-AE6F-28E2A095CEFF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:14.2:ru2:*:*:*:*:*:*",
"matchCriteriaId": "055D6076-B49D-46C2-893F-EBAB242C5141",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:rtm:*:*:small_business:*:*:*",
"matchCriteriaId": "23705BED-9C3C-4061-95DD-12B2181C4EA5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "68BFC5D3-BAEA-4865-AB30-F6613DDF9E36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:*:*:small_business:*:*:*",
"matchCriteriaId": "160C21AA-9B5A-4ED8-9B5D-79A9E970A630",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:small_business:*:*:*",
"matchCriteriaId": "27673629-7DC0-410E-8678-3FA2E730A5BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "65EC28FF-C96B-4724-8640-1099E2E2D79E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:small_business:*:*:*",
"matchCriteriaId": "6D1E15FA-C164-4466-BA9E-404715DAD0BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "2066F229-8CEA-4D54-899B-530870C4C157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:small_business:*:*:*",
"matchCriteriaId": "CF1813B9-75E3-4A19-A17D-3126FA746A09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:small_business:*:*:*",
"matchCriteriaId": "E09FEE8C-9BA3-466E-9F1C-030434D80A25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "BDA598FF-E3A0-475D-B187-2273B3ACF914",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:small_business:*:*:*",
"matchCriteriaId": "68BE46F8-65FC-41B8-9ACC-704EFAF6B711",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:small_business:*:*:*",
"matchCriteriaId": "AAB2AC19-D271-4C1A-8589-CAFF2775BB60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:small_business:*:*:*",
"matchCriteriaId": "CF7958FD-F9EB-4EE1-A178-32206BB6FE62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:small_business:*:*:*",
"matchCriteriaId": "62015923-D616-4789-8A53-76FA5FCDF6AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:small_business:*:*:*",
"matchCriteriaId": "44811424-5F88-4E3F-AD79-734CD95FDAC2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp1:*:*:small_business:*:*:*",
"matchCriteriaId": "A7810328-94AD-4826-874F-D38AAEA21D6F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp10:*:*:small_business:*:*:*",
"matchCriteriaId": "1A4DDF46-92DA-4EA7-B4D5-68E39E136D75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp2:*:*:small_business:*:*:*",
"matchCriteriaId": "C41C3265-E746-4D7B-95E3-A3515EC5F411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp3:*:*:small_business:*:*:*",
"matchCriteriaId": "18823C7F-A44D-4000-82E7-C4D6B9E1CE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp4:*:*:small_business:*:*:*",
"matchCriteriaId": "82567378-2D08-4D8F-8BA5-40F15A7983E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp5:*:*:small_business:*:*:*",
"matchCriteriaId": "2D141281-31B4-41D0-907F-19F0DCFB1494",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp6:*:*:small_business:*:*:*",
"matchCriteriaId": "390D774F-A648-47CC-BB9F-BDA4AA0A1730",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp7:*:*:small_business:*:*:*",
"matchCriteriaId": "309F36B2-9D6E-484A-9FBF-7DF83A58B6AD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp8:*:*:small_business:*:*:*",
"matchCriteriaId": "676C5206-1250-4C6C-A820-9870973DC0F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:ru6_mp9:*:*:small_business:*:*:*",
"matchCriteriaId": "DA8E420B-9055-4A63-A89E-A0FA45F93063",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
},
{
"lang": "es",
"value": "Symantec Endpoint Protection (SEP) y Symantec Endpoint Protection Small Business Edition (SEP SBE), versiones anteriores a 14.2 RU2 MP1 y versiones anteriores a 14.2.5569.2100 respectivamente, pueden ser susceptibles a una vulnerabilidad de escalada de privilegios, que es un tipo de problema por el cual un atacante puede intentar comprometer la aplicaci\u00f3n de software para conseguir un acceso elevado a los recursos que normalmente est\u00e1n protegidos de una aplicaci\u00f3n o un usuario."
}
],
"id": "CVE-2020-5823",
"lastModified": "2024-11-21T05:34:39.003",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-02-11T18:15:16.823",
"references": [
{
"source": "secure@symantec.com",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"sourceIdentifier": "secure@symantec.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…