CVE-2018-5236Race Condition in Endpoint Protection

CWE-362Race Condition3 documents3 sources
Severity
5.3MEDIUMNVD
EPSS
0.5%
top 33.51%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Symantec Endpoint ProtectionSymantec Corporation Symantec Endpoint Protection
Timeline
PublishedJun 20
Latest updateMay 14

Description

Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard). This type of issue occurs in software where the output is dependent on the sequence or timing of other uncontrollable events.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

CVEListV5symantec_corporation/symantec_endpoint_protectionPrior to 14 RU1 MP1 or 12.1 RU6 MP10

🔴Vulnerability Details

2
GHSA
GHSA-fj65-q6ff-85mq: Symantec Endpoint Protection prior to 14 RU1 MP1 or 122022-05-14
CVEList
CVE-2018-5236: Symantec Endpoint Protection prior to 14 RU1 MP1 or 122018-06-20
CVE-2018-5236 — Race Condition in Symantec | cvebase