CORS Vulnerability in Norton Password Manager by Symantec
CVE-2019-19545

6.3MEDIUM

Key Information:

Vendor: Norton
Status: Norton Password Manager
Vendor: CVE Published:; 5 December 2019

What is CVE-2019-19545?

Norton Password Manager versions prior to 6.6.2.5 possess a vulnerability related to cross-origin resource sharing (CORS). This security issue allows malicious actors to request restricted resources from a web page outside of the originating domain, potentially leading to unauthorized data access and exposure of sensitive information. Users are urged to update to the latest version to mitigate this risk and protect their data.

Affected Version(s)

Norton Password Manager prior to 6.6.2.5

References

https://support.symantec.com/us/en/article.SYMSA1499.html

x_refsource_CONFIRM

CVSS V3.1

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Dec 5, 2019
Vulnerability Reserved
Dec 3, 2019