Cross Origin Resource Sharing Vulnerability in Norton Password Manager
CVE-2019-18381

6.3MEDIUM

Key Information:

Vendor: Norton
Status: Norton Password Manager
Vendor: CVE Published:; 5 December 2019

What is CVE-2019-18381?

Norton Password Manager versions before 6.6.2.5 are susceptible to a cross origin resource sharing (CORS) vulnerability. This type of flaw can allow unauthorized access to restricted resources from different domains, potentially exposing sensitive data and compromising user security. Users and organizations utilizing this password manager should be aware of the implications of this vulnerability and consider upgrading to the latest version to safeguard their data.

Affected Version(s)

Norton Password Manager prior to 6.6.2.5

References

https://support.symantec.com/us/en/article.SYMSA1499.html

x_refsource_CONFIRM

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 5, 2019
Vulnerability Reserved
Oct 23, 2019

JSON