Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-5011
HistoryJan 10, 2014 - 4:47 p.m.

CVE-2013-5011

2014-01-1016:47:05
CWE-22
[email protected]
web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.5%

JSON

Unquoted Windows search path vulnerability in the client in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 allows local users to gain privileges via a crafted program in the %SYSTEMDRIVE% directory.

Affected configurations

NVD
Node
symantecendpoint_protectionRange11.0.7.3
OR
symantecendpoint_protectionMatch11.0
OR
symantecendpoint_protectionMatch11.0ru5
OR
symantecendpoint_protectionMatch11.0ru6
OR
symantecendpoint_protectionMatch11.0ru6a
OR
symantecendpoint_protectionMatch11.0ru6mp1
OR
symantecendpoint_protectionMatch11.0ru6mp2
OR
symantecendpoint_protectionMatch11.0.1
OR
symantecendpoint_protectionMatch11.0.1mp1
OR
symantecendpoint_protectionMatch11.0.1mp2
OR
symantecendpoint_protectionMatch11.0.2
OR
symantecendpoint_protectionMatch11.0.2mp1
OR
symantecendpoint_protectionMatch11.0.2mp2
OR
symantecendpoint_protectionMatch11.0.4
OR
symantecendpoint_protectionMatch11.0.4mp1a
OR
symantecendpoint_protectionMatch11.0.4mp2
OR
symantecendpoint_protectionMatch11.0.3001
OR
symantecendpoint_protectionMatch11.0.6000
OR
symantecendpoint_protectionMatch11.0.6100
OR
symantecendpoint_protectionMatch11.0.6200
OR
symantecendpoint_protectionMatch11.0.6200.754
OR
symantecendpoint_protectionMatch11.0.6300
OR
symantecendpoint_protectionMatch11.0.7000
OR
symantecendpoint_protectionMatch11.0.7100

Related

cvelist 1
prion 1
cve 1
nessus 1
openvas 2
symantec 1
cvelist
cvelist
CVE-2013-5011
2014-01-10 16:00:00
prion
prion
Design/Logic Flaw
2014-01-10 16:47:00
cve
cve
CVE-2013-5011
2014-01-10 16:47:05
nessus
nessus
Symantec Endpoint Protection Client < 11.0.7.4 / 12.1.2 (SYM14-001)
2014-01-16 00:00:00
openvas
openvas
Symantec Endpoint Protection Multiple Vulnerabilities (Jan 2014)
2014-01-27 00:00:00
Microsoft Windows Unquoted Path Vulnerability (SMB Login)
2018-03-23 00:00:00
symantec
symantec
Symantec Endpoint Protection Privilege Assumption, Policy Bypass, Local Elevation of Privilege
2014-01-09 08:00:00

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

9.5%

JSON
Related for NVD:CVE-2013-5011
cvelist1prion1cve1nessus1openvas2symantec1