CVE-2018-5237

3 documents3 sources

Severity

8.8HIGH

EPSS

1.3%

top 20.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Endpoint Protection Symantec Corporation Symantec Endpoint Protection

Timeline

PublishedJun 20

Latest updateMay 13

Description

Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

▶NVDsymantec/endpoint_protection14.0+2

▶CVEListV5symantec_corporation/symantec_endpoint_protectionPrior to 14 RU1 MP1 or 12.1 RU6 MP10

🔴Vulnerability Details

GHSA

GHSA-jfhh-fgpm-vwh3: Symantec Endpoint Protection prior to 14 RU1 MP1 or 12↗2022-05-13

▶

CVEList

CVE-2018-5237: Symantec Endpoint Protection prior to 14 RU1 MP1 or 12↗2018-06-20

▶