Lucene search

SymantecCVE-2013-5010

HistoryJan 10, 2014 - 4:47 p.m.

CVE-2013-5010

2014-01-1016:47:05

CWE-264

symantec

web.nvd.nist.gov

symantec

endpoint protection

vulnerability

adc

cve-2013-5010

security

policy restrictions

CVSS2

4.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.2

Confidence

Low

EPSS

Percentile

9.5%

JSON

The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors.

Affected configurations

Nvd

Node

symantecendpoint_protectionRange≤11.0.7.3

symantecendpoint_protectionMatch11.0

symantecendpoint_protectionMatch11.0ru5

symantecendpoint_protectionMatch11.0ru6

symantecendpoint_protectionMatch11.0ru6a

symantecendpoint_protectionMatch11.0ru6mp1

symantecendpoint_protectionMatch11.0ru6mp2

symantecendpoint_protectionMatch11.0.1

symantecendpoint_protectionMatch11.0.1mp1

symantecendpoint_protectionMatch11.0.1mp2

symantecendpoint_protectionMatch11.0.2

symantecendpoint_protectionMatch11.0.2mp1

symantecendpoint_protectionMatch11.0.2mp2

symantecendpoint_protectionMatch11.0.4

symantecendpoint_protectionMatch11.0.4mp1a

symantecendpoint_protectionMatch11.0.4mp2

symantecendpoint_protectionMatch11.0.3001

symantecendpoint_protectionMatch11.0.6000

symantecendpoint_protectionMatch11.0.6100

symantecendpoint_protectionMatch11.0.6200

symantecendpoint_protectionMatch11.0.6200.754

symantecendpoint_protectionMatch11.0.6300

symantecendpoint_protectionMatch11.0.7000

symantecendpoint_protectionMatch11.0.7100

VendorProductVersionCPE
symantecendpoint_protection*cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*
symantecendpoint_protection11.0.1cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*
symantecendpoint_protection11.0.1cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*
symantecendpoint_protection11.0.1cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	endpoint_protection	*	cpe:2.3:a:symantec:endpoint_protection::::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:::::::*
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru5::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2::::::
symantec	endpoint_protection	11.0.1	cpe:2.3:a:symantec:endpoint_protection:11.0.1:::::::*
symantec	endpoint_protection	11.0.1	cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1::::::
symantec	endpoint_protection	11.0.1	cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2::::::