Privilege Escalation Vulnerability in Symantec Endpoint Protection
CVE-2018-5237

8.8HIGH

Key Information:

Vendor

Symantec Corporation

Status
Symantec Endpoint Protection
Vendor
CVE Published:
20 June 2018

What is CVE-2018-5237?

The vulnerability allows unauthorized users to gain elevated access to system resources within Symantec Endpoint Protection, compromising the integrity of protected environments. Users operating on outdated versions prior to 14 RU1 MP1 or 12.1 RU6 MP10 may find their systems susceptible to this type of access issue, which poses significant risks to the overall security posture.

Affected Version(s)

Symantec Endpoint Protection Prior to 14 RU1 MP1 or 12.1 RU6 MP10

References

http://www.securityfocus.com/bid/104199
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1041180
vdb-entryx_refsource_SECTRACK
https://support.symantec.com/en_US/article.SYMSA1454.html
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2018-5237 : Privilege Escalation Vulnerability in Symantec Endpoint Protection