CVE-2019-18374

9.8CRITICAL

Key Information

Vendor: Symantec
Status: Critical System Protection (csp)
Vendor: CVE Published:; 25 November 2019

Summary

Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 & 8.0 MP1, may be susceptible to an authentication bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing authentication controls.

Affected Version(s)

Critical System Protection (CSP) = 8.0

Critical System Protection (CSP) = 8.0 HF1

Critical System Protection (CSP) = 8.0 MP1

Refferences

https://support.symantec.com/us/en/article.SYMSA1498.html

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 25, 2019
Vulnerability Reserved
Oct 23, 2019

Collectors

NVD DatabaseMitre Database