Design/Logic Flaw

2019-04-2519:29:00

PRIOn knowledge base

www.prio-n.com

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

35.1%

JSON

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.

CPENameOperatorVersion
endpoint_protectioneq12.1
endpoint_protectioneq12.1
endpoint_protectioneq12.1
endpoint_protectioneq11.0 mr1
endpoint_protectioneq11.0 mr2
endpoint_protectioneq11.0 mr3
endpoint_protectioneq11.0 mr4
endpoint_protectioneq11.0
endpoint_protectioneq11.0 ru5
endpoint_protectioneq11.0 ru6

Name	Operator	Version
endpoint_protection	eq	12.1
endpoint_protection	eq	12.1
endpoint_protection	eq	12.1
endpoint_protection	eq	11.0 mr1
endpoint_protection	eq	11.0 mr2
endpoint_protection	eq	11.0 mr3
endpoint_protection	eq	11.0 mr4
endpoint_protection	eq	11.0
endpoint_protection	eq	11.0 ru5
endpoint_protection	eq	11.0 ru6