Описание
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
Ссылки
- Third Party AdvisoryVDB Entry
- Vendor Advisory
- Third Party AdvisoryVDB Entry
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 22.16.3 (исключая)Версия до 3.00.31.2817 (исключая)Версия до 22.16.3 (исключая)
Одно из
cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:mr1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:mr2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:mr3:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:mr4:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:mr4-mp2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6-mp3:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ru7-mp4a:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:11.0:ry7-mp3:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru1-mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru2-mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru3:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1a:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4-mp1b:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru4a:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru5:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp10:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp3:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp4:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp5:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp6:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp7:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:12.1:ru6-mp8:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14:*:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14:mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14.0.0:mp2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14.0.1:*:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14.0.1:mp2:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14.2:*:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:14.2:mp1:*:*:*:windows:*:*
cpe:2.3:a:symantec:endpoint_protection:nis-22.15.2.22:*:*:*:small_business:*:*:*
cpe:2.3:a:symantec:endpoint_protection:sep-12.1.7484.7002:*:*:*:small_business:*:*:*
cpe:2.3:a:symantec:endpoint_protection_cloud:*:*:*:*:*:*:*:*
cpe:2.3:a:symantec:endpoint_protection_cloud_agent:*:*:*:*:small_business:*:*:*
cpe:2.3:a:symantec:norton_security:*:*:*:*:*:windows:*:*
EPSS
Процентиль: 25%
0.00086
Низкий
6.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-908
Связанные уязвимости
github
больше 3 лет назад
Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.
EPSS
Процентиль: 25%
0.00086
Низкий
6.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-908