Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveSymantecCVE-2017-13680
HistoryNov 06, 2017 - 11:29 p.m.

CVE-2017-13680

2017-11-0623:29:00
symantec
web.nvd.nist.gov
39
symantec
endpoint protection
windows
security
vulnerability
unauthorized access
file deletion
cve-2017-13680

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

22.9%

JSON

Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product’s UI to perform unauthorized file deletes on the resident file system.

Affected configurations

Nvd
Node
symantecendpoint_protectionRange<12.1m9
OR
symantecendpoint_protectionMatch14
AND
microsoftwindowsMatch-
VendorProductVersionCPE
symantecendpoint_protection*cpe:2.3:a:symantec:endpoint_protection:*:m9:*:*:*:*:*:*
symantecendpoint_protection14cpe:2.3:a:symantec:endpoint_protection:14:*:*:*:*:*:*:*
microsoftwindows-cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "Symantec Endpoint Protection",
    "vendor": "Symantec Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1"
      }
    ]
  }
]

Related

openvas 1
prion 1
cvelist 1
nvd 1
symantec 1
nessus 1
openvas
openvas
Symantec Endpoint Protection Arbitrary File Deletion Vulnerability (SYM17-011)
2017-11-08 00:00:00
prion
prion
Design/Logic Flaw
2017-11-06 23:29:00
cvelist
cvelist
CVE-2017-13680
2017-11-06 23:00:00
nvd
nvd
CVE-2017-13680
2017-11-06 23:29:00
symantec
symantec
Symantec Endpoint Protection Multiple Issues
2017-11-06 08:00:00
nessus
nessus
Symantec Endpoint Protection Client 12.1.x < 12.1 RU6 MP9 / 14.0.x < 14.0 RU1 Multiple Vulnerabilities (SYM17-011)
2017-11-08 00:00:00

CVSS2

3.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:P/A:P

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

5.8

Confidence

High

EPSS

0.001

Percentile

22.9%

JSON
Related for CVE-2017-13680
openvas1prion1cvelist1nvd1symantec1nessus1