CVE-2015-8801

CWE-254CWE-284Improper Access Control3 documents3 sources
Severity
2.9LOW
EPSS
0.1%
top 81.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Endpoint Protection Manager
Timeline
PublishedJun 30
Latest updateMay 17

Description

Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.

CVSS vector

CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:NExploitability: 0.4 | Impact: 2.5

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-2x69-9fjp-rrmj: Race condition in the client in Symantec Endpoint Protection (SEP) 122022-05-17
CVEList
CVE-2015-8801: Race condition in the client in Symantec Endpoint Protection (SEP) 122016-06-30
CVE-2015-8801 (LOW CVSS 2.9) | Race condition in the client in Sym | cvebase.io