Vulnerabilities > CVE-2016-6591 - Incorrect Authorization vulnerability in Symantec Norton APP Lock 1.0.3.186

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

NONE

local

symantec

CWE-863

NVD

Published: 2020-01-08

Updated: 2020-01-21

Summary

A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions.

Vulnerable Configurations

Part	Description	Count
Application	Symantec Symantec Norton APP Lock - Symantec Norton APP Lock 1.0.3.186	2

Common Weakness Enumeration (CWE)

CWE-863 - Incorrect Authorization

References

http://www.securityfocus.com/bid/94343
https://support.symantec.com/us/en/article.symsa1386.html