Vulnerabilities > CVE-2016-6591 - Incorrect Authorization vulnerability in Symantec Norton APP Lock 1.0.3.186

CVSS 7.1 - HIGH

Attack vector

PHYSICAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

NONE

low complexity

symantec

CWE-863

NVD

Published: 2020-01-08

Updated: 2020-01-21

Summary

A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Norton APP Lock - Symantec Norton APP Lock 1.0.3.186	2

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

http://www.securityfocus.com/bid/94343
https://support.symantec.com/us/en/article.symsa1386.html