7.8

CVE-2017-13681

EPSS 0.09%
Published 06.11.2017 23:29:00
Last modified 20.04.2025 01:37:25
Source secure@symantec.com
Teams watchlist Login
Open Login

Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.

Affected products Warnungen 0 Metrics 3 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Symantec ≫ Endpoint Protection Updatem9 Version < 12.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.09%	0.222

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

http://www.securitytracker.com/id/1039775

Third Party Advisory

VDB Entry

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00

Third Party Advisory

Issue Tracking

http://www.securityfocus.com/bid/101504

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2017-13681

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2017-13681

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2017-13681

EUVD