CVE-2018-5240

8HIGH

Key Information:

Vendor: Symantec Corporation
Status: Inventory Plugin For Symantec Management Agent
Vendor: CVE Published:; 25 July 2018

Summary

The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.

Affected Version(s)

Inventory Plugin for Symantec Management Agent Prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7

References

http://www.securityfocus.com/bid/104753

vdb-entryx_refsource_BID

https://support.symantec.com/en_US/article.SYMSA1456.html

x_refsource_CONFIRM

http://www.securitytracker.com/id/1041654

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jul 25, 2018
Vulnerability Reserved
Jan 5, 2018

.