CVE-2015-8801
2.9 Low
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
4.4 Medium
AI Score
Confidence
High
3.3 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
9.4%
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| symantec:endpoint_protection_manager | symantec endpoint protection manager | le | 12.1.6 |
Related
2.9 Low
CVSS3
Attack Vector
PHYSICAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
4.4 Medium
AI Score
Confidence
High
3.3 Low
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
9.4%