Lucene search

[email protected]CVE-2013-5010

HistoryJan 10, 2014 - 4:47 p.m.

CVE-2013-5010

2014-01-1016:47:05

CWE-264

[email protected]

web.nvd.nist.gov

symantec

endpoint protection

vulnerability

adc

cve-2013-5010

security

policy restrictions

6.2 Medium

AI Score

Confidence

Low

4.6 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.0004 Low

EPSS

Percentile

9.4%

JSON

The Application/Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly handle custom polices, which allows local users to bypass intended policy restrictions and access files or directories via unspecified vectors.

Affected configurations

NVD

Node

symantecendpoint_protectionRange≤11.0.7.3

symantecendpoint_protectionMatch11.0

symantecendpoint_protectionMatch11.0ru5

symantecendpoint_protectionMatch11.0ru6

symantecendpoint_protectionMatch11.0ru6a

symantecendpoint_protectionMatch11.0ru6mp1

symantecendpoint_protectionMatch11.0ru6mp2

symantecendpoint_protectionMatch11.0.1

symantecendpoint_protectionMatch11.0.1mp1

symantecendpoint_protectionMatch11.0.1mp2

symantecendpoint_protectionMatch11.0.2

symantecendpoint_protectionMatch11.0.2mp1

symantecendpoint_protectionMatch11.0.2mp2

symantecendpoint_protectionMatch11.0.4

symantecendpoint_protectionMatch11.0.4mp1a

symantecendpoint_protectionMatch11.0.4mp2

symantecendpoint_protectionMatch11.0.3001

symantecendpoint_protectionMatch11.0.6000

symantecendpoint_protectionMatch11.0.6100

symantecendpoint_protectionMatch11.0.6200

symantecendpoint_protectionMatch11.0.6200.754

symantecendpoint_protectionMatch11.0.6300

symantecendpoint_protectionMatch11.0.7000

symantecendpoint_protectionMatch11.0.7100

CPENameOperatorVersion
symantec:endpoint_protectionsymantec endpoint protectionle11.0.7.3
symantec:endpoint_protectionsymantec endpoint protectioneq11.0
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.1
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.2
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.4
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.3001
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.6000
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.6100
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.6200
symantec:endpoint_protectionsymantec endpoint protectioneq11.0.6200.754

CPE	Name	Operator	Version
symantec:endpoint_protection	symantec endpoint protection	le	11.0.7.3
symantec:endpoint_protection	symantec endpoint protection	eq	11.0
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.1
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.2
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.4
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.3001
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.6000
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.6100
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.6200
symantec:endpoint_protection	symantec endpoint protection	eq	11.0.6200.754