CVE-2018-12244

CWE-12363 documents3 sources
Severity
6.3MEDIUM
EPSS
0.4%
top 40.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Symantec Corporation Symantec Endpoint Protection (mac Client)Symantec Endpoint Protection
Timeline
PublishedApr 25
Latest updateMay 24

Description

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:LExploitability: 2.8 | Impact: 3.4

Affected Packages2 packages

CVEListV5symantec_corporation/symantec_endpoint_protection_(mac_client)Prior to 14.2 RU1, Prior to and including 12.1 RU6 MP9+1

🔴Vulnerability Details

2
GHSA
GHSA-h2ph-whqx-fccc: SEP (Mac client) prior to and including 122022-05-24
CVEList
CVE-2018-12244: SEP (Mac client) prior to and including 122019-04-25
CVE-2018-12244 (MEDIUM CVSS 6.3) | SEP (Mac client) prior to and inclu | cvebase.io