Lucene search

K
cve[email protected]CVE-2019-9701
HistoryJun 19, 2019 - 4:15 p.m.

CVE-2019-9701

2019-06-1916:15:11
CWE-79
web.nvd.nist.gov
89
cve-2019-9701
dlp
cross-site scripting
vulnerability
nvd
access controls

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

4.8 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.958 High

EPSS

Percentile

99.4%

DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

Affected configurations

NVD
Node
symantecdata_loss_preventionMatch14.0
OR
symantecdata_loss_preventionMatch14.0.1
OR
symantecdata_loss_preventionMatch14.0.2
OR
symantecdata_loss_preventionMatch14.5
OR
symantecdata_loss_preventionMatch14.5mp1
OR
symantecdata_loss_preventionMatch14.6
OR
symantecdata_loss_preventionMatch14.6mp1
OR
symantecdata_loss_preventionMatch14.6mp2
OR
symantecdata_loss_preventionMatch14.6mp3
OR
symantecdata_loss_preventionMatch15.0
OR
symantecdata_loss_preventionMatch15.0mp1
OR
symantecdata_loss_preventionMatch15.1
OR
symantecdata_loss_preventionMatch15.1mp1
OR
symantecdata_loss_preventionMatch15.5
OR
symantecdata_loss_preventionMatch15.5mp1

CNA Affected

[
  {
    "product": "Data Loss Prevention",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Prior to and including DLP 15.5 MP1"
      }
    ]
  }
]

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

4.8 Medium

AI Score

Confidence

High

3.5 Low

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:S/C:N/I:P/A:N

0.958 High

EPSS

Percentile

99.4%