CVE-2017-15526

Опубликовано: 13 нояб. 2017

Источник: nvd

CVSS3: 6.8

CVSS2: 5.2

EPSS Низкий

Описание

Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario.

Ссылки

http://www.securityfocus.com/bid/101698
Third Party Advisory
VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171113_00
Vendor Advisory
http://www.securityfocus.com/bid/101698
Third Party Advisory
VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171113_00
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:symantec:endpoint_encryption:*:*:*:*:*:*:*:*

Версия до 11.1.3 (включая)

EPSS

Процентиль: 36%

0.00149

Низкий

6.8 Medium

CVSS3

5.2 Medium

CVSS2

Дефекты

CWE-476

Связанные уязвимости

GHSA-gmf5-77wc-rpjr