CVE-2015-8801

2.9LOW

Key Information

Vendor: Symantec
Status: Endpoint Protection Manager
Vendor: CVE Published:; 30 June 2016

Summary

Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.

Refferences

https://www.symantec.com/security_response/securityupdate...

x_refsource_CONFIRM

http://www.securitytracker.com/id/1036196

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/91446

vdb-entryx_refsource_BID

CVSS V3.1

Score:

2.9

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Physical

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 30, 2016
Vulnerability Reserved
Feb 2, 2016

Collectors

NVD DatabaseMitre Database

.