Lucene search
HistoryJan 10, 2014 - 4:47 p.m.
CVE-2013-5011
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
9.5%
Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.
Affected configurations
Node
symantecendpoint_protectionRange≤11.0.7.3
ORsymantecendpoint_protectionMatch11.0
ORsymantecendpoint_protectionMatch11.0ru5
ORsymantecendpoint_protectionMatch11.0ru6
ORsymantecendpoint_protectionMatch11.0ru6a
ORsymantecendpoint_protectionMatch11.0ru6mp1
ORsymantecendpoint_protectionMatch11.0ru6mp2
ORsymantecendpoint_protectionMatch11.0.1
ORsymantecendpoint_protectionMatch11.0.1mp1
ORsymantecendpoint_protectionMatch11.0.1mp2
ORsymantecendpoint_protectionMatch11.0.2
ORsymantecendpoint_protectionMatch11.0.2mp1
ORsymantecendpoint_protectionMatch11.0.2mp2
ORsymantecendpoint_protectionMatch11.0.4
ORsymantecendpoint_protectionMatch11.0.4mp1a
ORsymantecendpoint_protectionMatch11.0.4mp2
ORsymantecendpoint_protectionMatch11.0.3001
ORsymantecendpoint_protectionMatch11.0.6000
ORsymantecendpoint_protectionMatch11.0.6100
ORsymantecendpoint_protectionMatch11.0.6200
ORsymantecendpoint_protectionMatch11.0.6200.754
ORsymantecendpoint_protectionMatch11.0.6300
ORsymantecendpoint_protectionMatch11.0.7000
ORsymantecendpoint_protectionMatch11.0.7100
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | endpoint_protection | * | cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0 | cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0 | cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0 | cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0 | cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0 | cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0 | cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0.1 | cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0.1 | cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:* |
| symantec | endpoint_protection | 11.0.1 | cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2014-01-10 16:47:00
cve
cve
CVE-2013-5011
2014-01-10 16:47:05
cvelist
cvelist
CVE-2013-5011
2014-01-10 16:00:00
nessus
nessus
Symantec Endpoint Protection Client < 11.0.7.4 / 12.1.2 (SYM14-001)
2014-01-16 00:00:00
symantec
symantec
openvas
openvas
Symantec Endpoint Protection Multiple Vulnerabilities (Jan 2014)
2014-01-27 00:00:00
Microsoft Windows Unquoted Path Vulnerability (SMB Login)
2018-03-23 00:00:00
CVSS2
7.2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
AI Score
6.2
Confidence
Low
EPSS
0
Percentile
9.5%
Related for NVD:CVE-2013-5011