Lucene search

[email protected]CVE-2013-5016

HistoryMay 08, 2014 - 10:55 a.m.

CVE-2013-5016

2014-05-0810:55:02

CWE-264

[email protected]

web.nvd.nist.gov

symantec

scsp

cve-2013-5016

windows server 2003 r2

security vulnerability

bypass policy settings

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.5%

JSON

Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors.

Affected configurations

NVD

Node

broadcomsymantec_critical_system_protectionRange≤5.2.8

AND

microsoftwindows_2003_serverr2

CPENameOperatorVersion
broadcom:symantec_critical_system_protectionbroadcom symantec critical system protectionle5.2.8

CPE	Name	Operator	Version
broadcom:symantec_critical_system_protection	broadcom symantec critical system protection	le	5.2.8

References

www.securityfocus.com/bid/67161

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140502_00

7.6 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

6.8 Medium

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.5%

JSON

Related for CVE-2013-5016

prion1 cvelist1 nessus1 symantec1 nvd1