CVE-2018-5243

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

7.5HIGH

EPSS

0.6%

top 29.75%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Encryption Management Server Symantec Corporation Symantec Encryption Management Server (sems)

Timeline

PublishedAug 20

Latest updateMay 14

Description

The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5symantec_corporation/symantec_encryption_management_server_(sems)Prior to 3.4.2 MP1

▶NVDsymantec/encryption_management_server3.4.2

🔴Vulnerability Details

GHSA

GHSA-w8qw-x88f-f35r: The Symantec Encryption Management Server (SEMS) product, prior to version 3↗2022-05-14

▶

CVEList

CVE-2018-5243: The Symantec Encryption Management Server (SEMS) product, prior to version 3↗2018-08-20

▶