CVE-2019-12756

3 documents3 sources

Severity

2.3LOW

EPSS

0.1%

top 79.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Endpoint Protection

Timeline

PublishedNov 15

Latest updateMay 24

Description

Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptible to a password protection bypass vulnerability whereby the secondary layer of password protection could by bypassed for individuals with local administrator rights.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:NExploitability: 0.8 | Impact: 1.4

Affected Packages2 packages

▶NVDsymantec/endpoint_protection5 versions+4

▶CVEListV5symantec_endpoint_protection_(sep)prior to 14.2 RU2

Patches

Patch: support.symantec.com ↗Patch: support.symantec.com ↗

🔴Vulnerability Details

GHSA

GHSA-38x5-gc75-363x: Symantec Endpoint Protection (SEP), prior to 14↗2022-05-24

▶

CVEList

CVE-2019-12756: Symantec Endpoint Protection (SEP), prior to 14↗2019-11-15

▶