ID CVE-2018-5240
Summary The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
References
Vulnerable Configurations
  • cpe:2.3:a:symantec:inventory:*:*:*:*:*:management_agent:*:*
    cpe:2.3:a:symantec:inventory:*:*:*:*:*:management_agent:*:*
  • cpe:2.3:a:symantec:inventory:8.0:hf6:*:*:*:management_agent:*:*
    cpe:2.3:a:symantec:inventory:8.0:hf6:*:*:*:management_agent:*:*
  • cpe:2.3:a:symantec:inventory:8.1:ru7:*:*:*:management_agent:*:*
    cpe:2.3:a:symantec:inventory:8.1:ru7:*:*:*:management_agent:*:*
CVSS
Base: 5.2 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
ADJACENT_NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:A/AC:L/Au:S/C:P/I:P/A:P
refmap via4
bid 104753
confirm https://support.symantec.com/en_US/article.SYMSA1456.html
sectrack 1041654
Last major update 03-10-2019 - 00:03
Published 25-07-2018 - 16:29
Last modified 03-10-2019 - 00:03
Back to Top