Lucene search

K
cveMitreCVE-2012-4350
HistoryDec 18, 2012 - 8:55 p.m.

CVE-2012-4350

2012-12-1820:55:01
mitre
web.nvd.nist.gov
37
cve-2012-4350
symantec
esm
windows search path vulnerabilities
privilege escalation

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

9

Confidence

High

EPSS

0

Percentile

9.5%

Multiple unquoted Windows search path vulnerabilities in the (1) Manager and (2) Agent components in Symantec Enterprise Security Manager (ESM) before 11.0 allow local users to gain privileges via unspecified vectors.

Affected configurations

Nvd
Node
symantecenterprise_security_managerRange10.0
OR
symantecenterprise_security_managerMatch6.0
OR
symantecenterprise_security_managerMatch6.5
OR
symantecenterprise_security_managerMatch6.5.0
OR
symantecenterprise_security_managerMatch6.5.1
OR
symantecenterprise_security_managerMatch6.5.2
OR
symantecenterprise_security_managerMatch6.5.3
OR
symantecenterprise_security_managerMatch9.0
OR
symantecenterprise_security_managerMatch9.0.1
VendorProductVersionCPE
symantecenterprise_security_manager*cpe:2.3:a:symantec:enterprise_security_manager:*:*:*:*:*:*:*:*
symantecenterprise_security_manager6.0cpe:2.3:a:symantec:enterprise_security_manager:6.0:*:*:*:*:*:*:*
symantecenterprise_security_manager6.5cpe:2.3:a:symantec:enterprise_security_manager:6.5:*:*:*:*:*:*:*
symantecenterprise_security_manager6.5.0cpe:2.3:a:symantec:enterprise_security_manager:6.5.0:*:*:*:*:*:*:*
symantecenterprise_security_manager6.5.1cpe:2.3:a:symantec:enterprise_security_manager:6.5.1:*:*:*:*:*:*:*
symantecenterprise_security_manager6.5.2cpe:2.3:a:symantec:enterprise_security_manager:6.5.2:*:*:*:*:*:*:*
symantecenterprise_security_manager6.5.3cpe:2.3:a:symantec:enterprise_security_manager:6.5.3:*:*:*:*:*:*:*
symantecenterprise_security_manager9.0cpe:2.3:a:symantec:enterprise_security_manager:9.0:*:*:*:*:*:*:*
symantecenterprise_security_manager9.0.1cpe:2.3:a:symantec:enterprise_security_manager:9.0.1:*:*:*:*:*:*:*

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

9

Confidence

High

EPSS

0

Percentile

9.5%