CVE-2018-18368

CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGH
EPSS
0.5%
top 34.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Endpoint Protection Manager
Timeline
PublishedNov 15
Latest updateMay 24

Description

Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5symantec_endpoint_protection_manager_(sepm)prior to 14.2 RU1

Patches

Patch: support.symantec.comPatch: support.symantec.com

🔴Vulnerability Details

2
GHSA
GHSA-cgj2-wm7x-gwqc: Symantec Endpoint Protection Manager (SEPM), prior to 142022-05-24
CVEList
CVE-2018-18368: Symantec Endpoint Protection Manager (SEPM), prior to 142019-11-15
CVE-2018-18368 (HIGH CVSS 7.8) | Symantec Endpoint Protection Manage | cvebase.io