Lucene search

[email protected]NVD:CVE-2012-4348

HistoryDec 18, 2012 - 8:55 p.m.

CVE-2012-4348

2012-12-1820:55:01

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

7.2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:M/C:C/I:C/A:C

AI Score

7.3

Confidence

Low

EPSS

0.003

Percentile

71.6%

JSON

The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors.

Affected configurations

Nvd

Node

symantecendpoint_protectionMatch11.0

symantecendpoint_protectionMatch11.0ru5

symantecendpoint_protectionMatch11.0ru6

symantecendpoint_protectionMatch11.0ru6a

symantecendpoint_protectionMatch11.0ru6mp1

symantecendpoint_protectionMatch11.0ru6mp2

symantecendpoint_protectionMatch11.0.1

symantecendpoint_protectionMatch11.0.1mp1

symantecendpoint_protectionMatch11.0.1mp2

symantecendpoint_protectionMatch11.0.2

symantecendpoint_protectionMatch11.0.2mp1

symantecendpoint_protectionMatch11.0.2mp2

symantecendpoint_protectionMatch11.0.4

symantecendpoint_protectionMatch11.0.4mp1a

symantecendpoint_protectionMatch11.0.4mp2

symantecendpoint_protectionMatch11.0.3001

symantecendpoint_protectionMatch11.0.6000

symantecendpoint_protectionMatch11.0.6100

symantecendpoint_protectionMatch11.0.6200

symantecendpoint_protectionMatch11.0.6200.754

symantecendpoint_protectionMatch11.0.6300

symantecendpoint_protectionMatch11.0.7000

symantecendpoint_protectionMatch11.0.7100

Node

symantecendpoint_protectionMatch12.1

symantecendpoint_protectionMatch12.1.671

symantecendpoint_protectionMatch12.1.1000

Node

symantecendpoint_protectionMatch12.0-small_business

symantecendpoint_protectionMatch12.1-small_business

VendorProductVersionCPE
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*
symantecendpoint_protection11.0cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*
symantecendpoint_protection11.0.1cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*
symantecendpoint_protection11.0.1cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*
symantecendpoint_protection11.0.1cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*
symantecendpoint_protection11.0.2cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:::::::*
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru5::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1::::::
symantec	endpoint_protection	11.0	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2::::::
symantec	endpoint_protection	11.0.1	cpe:2.3:a:symantec:endpoint_protection:11.0.1:::::::*
symantec	endpoint_protection	11.0.1	cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1::::::
symantec	endpoint_protection	11.0.1	cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2::::::
symantec	endpoint_protection	11.0.2	cpe:2.3:a:symantec:endpoint_protection:11.0.2:::::::*