CVE-2017-15534

CWE-287Improper Authentication3 documents3 sources
Severity
6.7MEDIUM
EPSS
0.1%
top 68.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Symantec Norton APP LockSymantec Corporation Norton APP Lock
Timeline
PublishedMar 26
Latest updateMay 13

Description

The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 0.8 | Impact: 5.9

Affected Packages2 packages

NVDsymantec/norton_app_lock< 1.3.0.13
CVEListV5symantec_corporation/norton_app_lockPrior to version 1.3.0.13

🔴Vulnerability Details

2
GHSA
GHSA-8vrg-7r74-cvgq: The Norton App Lock prior to version 12022-05-13
CVEList
CVE-2017-15534: The Norton App Lock prior to version 12018-03-26
CVE-2017-15534 (MEDIUM CVSS 6.7) | The Norton App Lock prior to versio | cvebase.io