Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
symantecSymantec Security ResponseSMNTC-1456
HistoryJul 16, 2018 - 8:20 p.m.

Inventory Plugin for Symantec Management Agent Privilege Escalation

2018-07-1620:20:17
Symantec Security Response
25

EPSS

0.362

Percentile

97.2%

JSON

SUMMARY

Symantec has released an update to address an issue that was discovered in the Inventory Plugin for Symantec Management Agent (Altiris) product.

AFFECTED PRODUCTS

Inventory Plugin for Symantec Management Agent (Altiris)

CVE

|

Affected Version(s)

|

Remediation

CVE-2018-5240

|

Prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7

|

Upgrade to 7.6 POST HF7 (or latest), 8.0 POST HF6 (or latest), or 8.1 RU7 (or latest)

ISSUES

CVE-2018-5240

Severity/CVSSv3:

|

Medium / 6.4 AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

References:

Impact:

|

Security Focus: BID 104753 / NVD: CVE-2018-5240

Privilege Escalation

Description:

|

Symantec Management Agent (Altiris) may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.

MITIGATION

The aforementioned issue was validated by product team engineers. A set of Inventory Plugin for Symantec Management Agent updates, 7.6 POST HF7 (or latest), 8.0 POST HF6 (or latest), and 8.1 RU7 (or latest) have been made available. Note that the latest releases are available to customers through normal support channels. At this time, Symantec is not aware of any exploitations or adverse customer impact from these issues.

Symantec recommends the following measures to reduce risk of attack:

  • Restrict access to administrative or management systems to authorized privileged users.
  • Restrict remote access to trusted/authorized systems only.
  • Run under the principle of least privilege, where possible, to limit the impact of potential exploit.
  • Keep all operating systems and applications current with vendor patches.
  • Follow a multi-layered approach to security. At a minimum, run both firewall and anti-malware applications to provide multiple points of detection and protection for both inbound and outbound threats.
  • Deploy network and host-based intrusion detection systems to monitor network traffic for signs of anomalous or suspicious activity. This may aid in the detection of attacks or malicious activity related to the exploitation of latent vulnerabilities.

ACKNOWLEDGEMENTS

Related

cvelist 2
checkpoint_advisories 1
zdt 1
nvd 2
metasploit 1
cve 2
exploitdb 1
prion 2
packetstorm 1
symantec 2
nessus 1
rapid7community 1
openvas 1
cvelist
cvelist
CVE-2017-6326
2017-06-26 21:00:00
CVE-2018-5240
2018-07-25 16:00:00
checkpoint_advisories
checkpoint_advisories
Symantec Messaging Gateway remote code execution (CVE-2017-6326)
2017-07-20 00:00:00
zdt
zdt
Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution Exploit
2017-06-26 00:00:00
nvd
nvd
CVE-2017-6326
2017-06-26 21:29:00
CVE-2018-5240
2018-07-25 16:29:00
metasploit
metasploit
Symantec Messaging Gateway Remote Code Execution
2017-06-10 09:23:12
cve
cve
CVE-2017-6326
2017-06-26 21:29:00
CVE-2018-5240
2018-07-25 16:29:00
exploitdb
exploitdb
Symantec Messaging Gateway 10.6.2-7 - Remote Code Execution (Metasploit)
2017-06-26 00:00:00
prion
prion
Design/Logic Flaw
2017-06-26 21:29:00
Privilege escalation
2018-07-25 16:29:00
packetstorm
packetstorm
Symantec Messaging Gateway Remote Code Execution
2017-06-24 00:00:00
symantec
symantec
Symantec Management Console Directory Traversal
2017-11-20 08:00:00
Symantec Messaging Gateway Multiple Vulnerabilities
2017-06-21 08:00:00
nessus
nessus
Symantec Messaging Gateway 10.x < 10.6.3-266 Multiple Vulnerabilities (SYM17-004)
2017-06-30 00:00:00
rapid7community
rapid7community
Metasploit Wrapup
2017-06-30 19:09:11
openvas
openvas
Symantec Messaging Gateway <= 10.6.3 Multiple Vulnerabilities
2017-06-12 00:00:00

EPSS

0.362

Percentile

97.2%

JSON
Related for SMNTC-1456
cvelist2checkpoint_advisories1zdt1nvd2metasploit1cve2exploitdb1prion2packetstorm1symantec2nessus1rapid7community1openvas1