CVE-2017-6331

Опубликовано: 06 нояб. 2017

Источник: nvd

CVSS3: 7.1

CVSS2: 3.6

EPSS Низкий

Описание

Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.

Ссылки

http://www.securityfocus.com/bid/101502
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039775
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/43134/
Exploit
Issue Tracking
Third Party Advisory
VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00
Issue Tracking
Vendor Advisory
http://www.securityfocus.com/bid/101502
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1039775
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/43134/
Exploit
Issue Tracking
Third Party Advisory
VDB Entry
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

EPSS

Процентиль: 73%

0.00782

Низкий

7.1 High

CVSS3

3.6 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-p32x-gx9p-8798