CVE-2019-12755 — Sensitive Information Exposure in Norton Password Manager

CWE-200 — Sensitive Information Exposure3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 77.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Norton Password Manager Symantec Corporation Norton Password Manager

Timeline

PublishedSep 17

Latest updateMay 24

Description

Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an information disclosure issue, which is a type of vulnerability whereby there is an unintentional disclosure of information to an actor that is not explicitly authorized to have access to that information.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDsymantec/norton_password_manager< 6.5.0.2104

▶CVEListV5symantec_corporation/norton_password_managerPrior to 6.5.0.2104

🔴Vulnerability Details

GHSA

GHSA-5pxx-h58r-hvvm: Norton Password Manager, prior to 6↗2022-05-24

▶

CVEList

CVE-2019-12755: Norton Password Manager, prior to 6↗2019-09-17

▶