Denial of Service Vulnerability in Symantec Endpoint Encryption
CVE-2017-15525

4.5MEDIUM

Key Information:

Vendor: Symantec Corporation
Status: Symantec Endpoint Encryption
Vendor: CVE Published:; 13 November 2017

Summary

Prior to version 11.1.3MP1, Symantec Endpoint Encryption is vulnerable to a denial of service attack, allowing an attacker to disrupt services, making the affected machine or network resource unavailable to legitimate users. This vulnerability can lead to service outages and potential disruptions in an organization's operations, highlighting the importance of robust security measures.

Affected Version(s)

Symantec Endpoint Encryption Prior to SEE v11.1.3MP1

References

http://www.securityfocus.com/bid/101697

vdb-entryx_refsource_BID

https://www.symantec.com/security_response/securityupdate...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 13, 2017
Vulnerability Reserved
Oct 17, 2017