var-201811-0074
Vulnerability from variot
Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. plural Symantec The product contains vulnerabilities related to security functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple Symantec Products are prone to an local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Symantec Norton and others are products of Symantec Corporation of the United States. Symantec Norton is an antivirus program. Endpoint Protection (SEP) is an endpoint protection program. Attackers can exploit this vulnerability to bypass detection by virus detection engines
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201811-0074",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "norton antivirus",
"scope": "lt",
"trust": 1.8,
"vendor": "symantec",
"version": "22.15"
},
{
"model": "endpoint protection",
"scope": "lt",
"trust": 1.8,
"vendor": "symantec",
"version": "12.1.7454.7000"
},
{
"model": "endpoint protection cloud",
"scope": "lt",
"trust": 1.8,
"vendor": "symantec",
"version": "22.15.1"
},
{
"model": "endpoint protection",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "lte",
"trust": 1.0,
"vendor": "symantec",
"version": "14.2"
},
{
"model": "endpoint protection",
"scope": "gte",
"trust": 1.0,
"vendor": "symantec",
"version": "14.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "14.2"
},
{
"model": "endpoint protection small business edition",
"scope": "lt",
"trust": 0.8,
"vendor": "symantec",
"version": "nis-22.15.1.8"
},
{
"model": "endpoint protection small business edition",
"scope": "eq",
"trust": 0.8,
"vendor": "symantec",
"version": "sep-12.1.7454.7000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0.4000.2295"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.2.2020"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.1.1007"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.2.2021"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.2.2001"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.2.2011"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.2.2000"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.1.1008"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.1"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.2.2010"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.6,
"vendor": "symantec",
"version": "10.0.2.2002"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.02"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "5.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "22.7"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "21.0"
},
{
"model": "norton antivirus",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "17.6.0.32"
},
{
"model": "endpoint protection cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "endpoint protection cloud",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "14"
},
{
"model": "endpoint protection mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.5"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.3"
},
{
"model": "endpoint protection ru2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.26"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4010.19"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001.2224"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2020.56"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2010.25"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2001.10"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2000.1567"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1005.1428"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1002.1378"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1000.1375"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.781.1287"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.780.1109"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.7"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "14.0.3752.1000"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "14.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "14.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.671"
},
{
"model": "endpoint protection mp5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.6"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.4100.4126"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.4013"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.4"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.2015.2015"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.2.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.1000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.1.1"
},
{
"model": "endpoint protection ru7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru6 mp9",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru6 mp7",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru6 mp6",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru6 mp5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru6 mp10",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru6",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru4 mp1b",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru1-mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection ru1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection small busines",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1-"
},
{
"model": "endpoint protection mp5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1"
},
{
"model": "endpoint protection small busines",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0-"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "12.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.1.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.7100"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.7000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.7.4"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.7.3"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.7.2"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.7.1"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6300"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200.754"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6200"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6100"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.6000"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4202.75"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4"
},
{
"model": "endpoint protection mp1a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.4"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.3001"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.2"
},
{
"model": "endpoint protection mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0.1"
},
{
"model": "endpoint protection ru7-mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru7 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6a",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp3(11.0.63",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp2(11.0.62",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6-mp1(11.0.61",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru6 mp1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru5",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection ru4",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr3",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr2",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection mr1",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "endpoint protection",
"scope": "eq",
"trust": 0.3,
"vendor": "symantec",
"version": "11.0"
},
{
"model": "norton antivirus",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "22.15"
},
{
"model": "endpoint protection cloud",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "22.15"
},
{
"model": "endpoint protection nis-22.15.1.8 smal",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": null
},
{
"model": "endpoint protection",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "14.2"
},
{
"model": "endpoint protection sma",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.7454.7000-"
},
{
"model": "endpoint protection",
"scope": "ne",
"trust": 0.3,
"vendor": "symantec",
"version": "12.1.7454.7000"
}
],
"sources": [
{
"db": "BID",
"id": "105917"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
},
{
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:symantec:norton_antivirus",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:symantec:endpoint_protection",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:symantec:endpoint_protection_cloud",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:symantec:endpoint_protection_for_small_business",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Qualys Malware Research Lab",
"sources": [
{
"db": "BID",
"id": "105917"
}
],
"trust": 0.3
},
"cve": "CVE-2018-12238",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CVE-2018-12238",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "VHN-122177",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:L/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 1.8,
"id": "CVE-2018-12238",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"trust": 1.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2018-12238",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2018-12238",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201811-909",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-122177",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122177"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
},
{
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 \u0026 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 \u0026 SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. plural Symantec The product contains vulnerabilities related to security functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple Symantec Products are prone to an local security-bypass vulnerability. \nLocal attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Symantec Norton and others are products of Symantec Corporation of the United States. Symantec Norton is an antivirus program. Endpoint Protection (SEP) is an endpoint protection program. Attackers can exploit this vulnerability to bypass detection by virus detection engines",
"sources": [
{
"db": "NVD",
"id": "CVE-2018-12238"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "BID",
"id": "105917"
},
{
"db": "VULHUB",
"id": "VHN-122177"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2018-12238",
"trust": 2.8
},
{
"db": "BID",
"id": "105917",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011301",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-122177",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122177"
},
{
"db": "BID",
"id": "105917"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
},
{
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"id": "VAR-201811-0074",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-122177"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:51:58.278000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SYMSA1468",
"trust": 0.8,
"url": "https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html"
},
{
"title": "Multiple Symantec Product security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87325"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-254",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://support.symantec.com/content/unifiedweb/en_us/article.symsa1468.html"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/105917"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12238"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-12238"
},
{
"trust": 0.3,
"url": "http://www.symantec.com"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-122177"
},
{
"db": "BID",
"id": "105917"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
},
{
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-122177"
},
{
"db": "BID",
"id": "105917"
},
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
},
{
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-11-29T00:00:00",
"db": "VULHUB",
"id": "VHN-122177"
},
{
"date": "2018-11-28T00:00:00",
"db": "BID",
"id": "105917"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"date": "2018-11-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-909"
},
{
"date": "2018-11-29T14:29:00.250000",
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-03T00:00:00",
"db": "VULHUB",
"id": "VHN-122177"
},
{
"date": "2018-11-28T00:00:00",
"db": "BID",
"id": "105917"
},
{
"date": "2019-01-09T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2018-011301"
},
{
"date": "2019-10-23T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201811-909"
},
{
"date": "2024-11-21T03:44:50.323000",
"db": "NVD",
"id": "CVE-2018-12238"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "local",
"sources": [
{
"db": "BID",
"id": "105917"
},
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
}
],
"trust": 0.9
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "plural Symantec Vulnerabilities related to security functions in products",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2018-011301"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "lack of information",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201811-909"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.