Lucene search

PRIOn knowledge basePRION:CVE-2012-4348

HistoryDec 18, 2012 - 8:55 p.m.

Input validation

2012-12-1820:55:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:M/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.7%

JSON

The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
endpoint_protectioneq11.0.4 mp1a
endpoint_protectioneq11.0.2
endpoint_protectioneq11.0.6300
endpoint_protectioneq11.0 ru6a
endpoint_protectioneq11.0.4
endpoint_protectioneq11.0 ru6mp2
endpoint_protectioneq11.0.4 mp2
endpoint_protectioneq11.0.1 mp1
endpoint_protectioneq11.0
endpoint_protectioneq11.0.2 mp2

Name	Operator	Version
endpoint_protection	eq	11.0.4 mp1a
endpoint_protection	eq	11.0.2
endpoint_protection	eq	11.0.6300
endpoint_protection	eq	11.0 ru6a
endpoint_protection	eq	11.0.4
endpoint_protection	eq	11.0 ru6mp2
endpoint_protection	eq	11.0.4 mp2
endpoint_protection	eq	11.0.1 mp1
endpoint_protection	eq	11.0
endpoint_protection	eq	11.0.2 mp2

Rows per page:

1-10 of 281

References

www.securityfocus.com/bid/56846

www.securitytracker.com/id?1027863

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121210_00

7.9 High

AI Score

Confidence

Low

7.2 High

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

LOW

Authentication

MULTIPLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:M/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

70.7%

JSON

Related for PRION:CVE-2012-4348