Summary
This host is installed with Symantec Endpoint Protection is prone to multiple vulnerabilities.
Impact
Successful exploitation may allow an attacker to gain escalated privileges and access sensitive files or directories.
Impact Level: System/Application.
Solution
Upgrade to Symantec Endpoint Protection (SEP) version 11.0.7.4 or 12.1.2 RU2 or Endpoint Protection Small Business Edition 12.x before version 12.1.2RU2.
For Updates refer http://www.symantec.com/en/in/endpoint-protection.
*****
NOTE: Ignore this warning if above mentioned patch is installed.
*****
Insight
The flaw exist due to,
- application not properly verifying the authentication of authorised users.
- an unspecified error in Application/Device Control (ADC) component.
- an unquoted search path.
Affected
Symantec Endpoint Protection (SEP) 11.x before version 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2
Detection
Get the installed version of Symantec Endpoint Protection and check the version is vulnerable or not.
References
Severity
Classification
-
CVE CVE-2013-5009, CVE-2013-5010, CVE-2013-5011 -
CVSS Base Score: 7.4
AV:A/AC:M/Au:S/C:C/I:C/A:C
Related Vulnerabilities