CVE-2017-15526

CWE-476NULL Pointer Dereference3 documents3 sources
Severity
6.8MEDIUM
EPSS
0.1%
top 64.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Symantec Endpoint EncryptionSymantec Corporation Symantec Endpoint Encryption
Timeline
PublishedNov 13
Latest updateMay 17

Description

Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario.

CVSS vector

CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5symantec_corporation/symantec_endpoint_encryptionPrior to SEE v11.1.3MP1

🔴Vulnerability Details

2
GHSA
GHSA-gmf5-77wc-rpjr: Prior to SEE v112022-05-17
CVEList
CVE-2017-15526: Prior to SEE v112017-11-13
CVE-2017-15526 (MEDIUM CVSS 6.8) | Prior to SEE v11.1.3MP1 | cvebase.io