CVE-2019-12750

Sažetak

Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

Reference

http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html
http://seclists.org/fulldisclosure/2019/Dec/11
http://seclists.org/fulldisclosure/2019/Dec/21
https://support.symantec.com/us/en/article.SYMSA1487.html

CVSS

Base:	4.6
Impact:	6.4
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:L/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

31-07-2019 - 18:15