Remote Policy Bypass Vulnerability in Symantec Critical System Protection
CVE-2013-5016

Currently unrated

Key Information:

Vendor: Broadcom
Status: Symantec Critical System Protection
Vendor: CVE Published:; 8 May 2014

What is CVE-2013-5016?

A vulnerability exists in Symantec Critical System Protection (SCSP) prior to version 5.2.9 when it is installed on an unpatched Windows Server 2003 R2. This flaw allows remote attackers to bypass security policy settings through unspecified vectors, potentially leading to unauthorized access or modification of system settings. It is imperative for users of this product to ensure their software is updated to protect against exploitation.

References

http://www.securityfocus.com/bid/67161

vdb-entryx_refsource_BID

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

Timeline

Vulnerability published
May 8, 2014
Vulnerability Reserved
Jul 29, 2013

Broadcom

What is CVE-2013-5016?

References

Timeline