Information Disclosure in Norton Password Manager by Symantec
CVE-2019-12755

5.5MEDIUM

Key Information:

Vendor: Symantec Corporation
Status: Norton Password Manager
Vendor: CVE Published:; 17 September 2019

What is CVE-2019-12755?

Norton Password Manager prior to version 6.5.0.2104 contains a vulnerability that may allow unauthorized parties to access sensitive information. This issue stems from improper handling of user data, which could potentially lead to data leaks and privacy concerns for individuals using the application. Users are strongly advised to upgrade to the latest version to mitigate any risks associated with this vulnerability.

Affected Version(s)

Norton Password Manager Prior to 6.5.0.2104

References

https://support.symantec.com/us/en/article.SYMSA1493.html

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 17, 2019
Vulnerability Reserved
Jun 6, 2019

Symantec Corporation

What is CVE-2019-12755?

Affected Version(s)

References

CVSS V3.1

Timeline