Vulnerabilities > CVE-2017-13681 - Unspecified vulnerability in Symantec Endpoint Protection
Attack vector
LOCAL Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family | Windows |
NASL id | SYMANTEC_ENDPOINT_PROT_CLIENT_SYM17-011.NASL |
description | The version of Symantec Endpoint Protection (SEP) Client installed on the remote host is 12.1.x prior to 12.1 RU6 MP9 or 14.0.x prior to 14.0 RU1. It is, therefore, affected by a multiple vulnerabilities as referenced in the advisory. Note that Nessus has not tested for this issue but has instead relied only on the application |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 104459 |
published | 2017-11-08 |
reporter | This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/104459 |
title | Symantec Endpoint Protection Client 12.1.x < 12.1 RU6 MP9 / 14.0.x < 14.0 RU1 Multiple Vulnerabilities (SYM17-011) |
code |
|
References
- http://www.securityfocus.com/bid/101504
- http://www.securityfocus.com/bid/101504
- http://www.securitytracker.com/id/1039775
- http://www.securitytracker.com/id/1039775
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00