CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Symantec : Security Vulnerabilities (CVSS score between 5 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-12593 2020-11-18 2020-11-30
5.0
None Remote Low Not required Partial None None
Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
2 CVE-2020-5839 200 +Info 2020-07-08 2021-07-21
5.0
None Remote Low Not required Partial None None
Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data.
3 CVE-2020-5834 22 Dir. Trav. 2020-05-11 2020-05-14
5.0
None Remote Low Not required Partial None None
Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory.
4 CVE-2019-18377 +Priv 2019-12-11 2020-08-24
6.5
None Remote Low ??? Partial Partial Partial
Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
5 CVE-2018-18369 426 2019-04-25 2019-05-02
6.8
None Remote Medium Not required Partial Partial Partial
Norton Security (Windows client) prior to 22.16.3 and SEP SBE (Windows client) prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22 & SEP-12.1.7484.7002, may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
6 CVE-2018-18367 426 2019-04-25 2019-05-03
6.8
None Remote Medium Not required Partial Partial Partial
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
7 CVE-2018-18365 2019-04-09 2020-08-24
5.0
None Remote Low Not required None Partial None
Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic.
8 CVE-2018-18364 426 Exec Code 2019-02-08 2019-02-13
6.0
None Remote Medium ??? Partial Partial Partial
Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.
9 CVE-2018-12245 426 2018-11-29 2018-12-28
6.8
None Remote Medium Not required Partial Partial Partial
Symantec Endpoint Protection prior to 14.2 MP1 may be susceptible to a DLL Preloading vulnerability, which in this case is an issue that can occur when an application being installed unintentionally loads a DLL provided by a potential attacker. Note that this particular type of exploit only manifests at install time; no remediation is required for software that has already been installed. This issue only impacted the Trialware media for Symantec Endpoint Protection, which has since been updated.
10 CVE-2018-12244 1236 2019-04-25 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.
11 CVE-2018-12243 611 2018-09-19 2018-12-08
5.8
None Local Network Low Not required Partial Partial Partial
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths in the system identifier to access files that should not normally be accessible.
12 CVE-2018-5243 400 DoS 2018-08-20 2018-10-16
5.0
None Remote Low Not required None None Partial
The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
13 CVE-2018-5240 +Priv 2018-07-25 2019-10-03
5.2
None Local Network Low ??? Partial Partial Partial
The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
14 CVE-2018-5238 427 2018-08-22 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
15 CVE-2018-5237 +Priv 2018-06-20 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
16 CVE-2017-15532 22 Dir. Trav. 2017-12-20 2018-01-05
5.5
None Local Network Low ??? Complete None None
Prior to 10.6.4, Symantec Messaging Gateway may be susceptible to a path traversal attack (also known as directory traversal). These types of attacks aim to access files and directories that are stored outside the web root folder. By manipulating variables, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files.
17 CVE-2017-15531 287 2018-01-23 2018-05-04
5.0
None Remote Low Not required Partial None None
Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter.
18 CVE-2017-15527 22 Dir. Trav. 2017-11-20 2017-12-12
5.2
None Local Network Low ??? Partial Partial Partial
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur when there is insufficient security validation / sanitization of user-supplied input file names, such that characters representing "traverse to parent directory" are passed through to the file APIs.
19 CVE-2017-15526 476 2017-11-13 2017-11-29
5.2
None Local Network Low ??? Partial Partial Partial
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerException that can lead to a privilege escalation scenario.
20 CVE-2017-15525 DoS 2017-11-13 2019-10-03
5.5
None Local Network Low ??? None None Complete
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
21 CVE-2017-6328 352 CSRF 2017-08-11 2017-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of cross site request forgery (also known as one-click attack and is abbreviated as CSRF or XSRF), which is a type of malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. A CSRF attack attempts to exploit the trust that a specific website has in a user's browser.
22 CVE-2017-6327 20 Exec Code +Priv 2017-08-11 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution, which describes a situation whereby an individual may obtain the ability to execute commands remotely on a target machine or in a target process. In this type of occurrence, after gaining access to the system, the attacker may attempt to elevate their privileges.
23 CVE-2017-6325 94 Exec Code File Inclusion 2017-06-26 2017-07-07
6.0
None Remote Medium ??? Partial Partial Partial
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an attacker-controlled variable in a way that allows the attacker to control which file is executed at run time. This file inclusion vulnerability subverts how an application loads code for execution. Successful exploitation of a file inclusion vulnerability will result in remote code execution on the web server that runs the affected web application.
24 CVE-2017-6323 611 DoS 2018-04-16 2018-05-23
5.2
None Local Network Low ??? Partial Partial Partial
The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts.
25 CVE-2016-9094 20 2018-04-16 2018-05-22
6.8
None Remote Medium Not required Partial Partial Partial
Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. The quarantine logs can be exported for review by the user in a variety of formats including .CSV files. Prior to 14.0 MP1 and 12.1 RU6 MP7, the potential exists for file metadata to be interpreted and evaluated as a formula. Successful exploitation of an attack of this type requires considerable direct user-interaction from the user exporting and then opening the log files on the intended target client.
26 CVE-2016-9093 20 DoS +Priv 2018-04-16 2018-05-23
6.9
None Local Medium Not required Complete Complete Complete
A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. SEP 14.0 and later are not impacted by this issue. A non-admin user would need to be able to save an executable file to disk and then be able to successfully run that file. If properly constructed, the file could access the driver interface and potentially manipulate certain system calls. On all 32-bit systems and in most cases on 64-bit systems, this will result in a denial of service that will crash the system. In very narrow circumstances, and on 64-bit systems only, this could allow the user to run arbitrary code on the local machine with kernel-level privileges. This could result in a non-privileged user gaining privileged access on the local machine.
27 CVE-2016-9092 352 CSRF 2017-05-11 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
The Symantec Content Analysis (CA) 1.3, 2.x prior to 2.2.1.1, and Mail Threat Defense (MTD) 1.1 management consoles are susceptible to a cross-site request forging (CSRF) vulnerability. A remote attacker can use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user.
28 CVE-2016-5311 427 2020-01-09 2020-01-29
6.9
None Local Medium Not required Complete Complete Complete
A Privilege Escalation vulnerability exists in Symantec Norton Antivirus, Norton AntiVirus with Backup, Norton Security, Norton Security with Backup, Norton Internet Security, Norton 360, Endpoint Protection Small Business Edition Cloud, and Endpoint Protection Cloud Client due to a DLL-preloading without path restrictions, which could let a local malicious user obtain system privileges.
29 CVE-2016-5306 200 +Info 2016-06-30 2017-09-01
5.0
None Remote Low Not required Partial None None
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.
30 CVE-2016-3653 352 CSRF 2016-06-30 2017-09-03
6.0
None Remote Medium ??? Partial Partial Partial
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
31 CVE-2016-3651 200 +Info 2016-06-30 2017-09-01
6.0
None Remote Medium ??? Partial Partial Partial
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
32 CVE-2016-2205 22 Dir. Trav. 2016-07-12 2017-09-01
6.1
None Local Network Low Not required Complete None None
Directory traversal vulnerability in the file-download configuration file in the management console in Symantec Workspace Streaming (SWS) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 and Symantec Workspace Virtualization (SWV) 7.5.x before 7.5 SP1 HF9 and 7.6.0 before 7.6 HF5 allows remote authenticated users to read unspecified application files via unknown vectors.
33 CVE-2016-2204 74 2016-04-22 2016-12-03
6.5
None Local Low ??? Complete Complete Complete
The management console on Symantec Messaging Gateway (SMG) Appliance devices before 10.6.1 allows local users to obtain root-shell access via crafted terminal-window input.
34 CVE-2015-8151 78 Exec Code 2016-02-18 2016-12-06
5.8
None Remote Low ??? Partial Partial Partial
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote authenticated users to execute arbitrary OS commands by leveraging console administrator access.
35 CVE-2015-8150 264 2016-02-18 2016-12-06
6.3
None Local Medium ??? Complete Complete Complete
Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows local users to obtain root access by modifying a batch file.
36 CVE-2015-8149 119 DoS Overflow Mem. Corr. 2016-02-18 2016-12-06
5.0
None Remote Low Not required None None Partial
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to cause a denial of service (heap memory corruption and service outage) via crafted requests.
37 CVE-2015-8148 200 +Info 2016-02-18 2016-12-06
5.0
None Remote Low Not required Partial None None
The LDAP service in Symantec Encryption Management Server (SEMS) 3.3.2 before MP12 allows remote attackers to obtain sensitive information about administrator accounts via a modified request.
38 CVE-2015-6548 89 Exec Code Sql 2015-09-20 2016-12-22
5.8
None Remote Low ??? Partial Partial Partial
Multiple SQL injection vulnerabilities in a PHP script in the management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0.0.1277 allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
39 CVE-2015-5689 119 DoS Exec Code Overflow +Info 2015-09-20 2016-12-22
6.8
None Remote Medium Not required Partial Partial Partial
ghostexp.exe in Ghost Explorer Utility in Symantec Ghost Solutions Suite (GSS) before 3.0 HF2 12.0.0.8010 and Symantec Deployment Solution (DS) before 7.6 HF4 12.0.0.7045 performs improper sign-extend operations before array-element accesses, which allows remote attackers to execute arbitrary code, cause a denial of service (application crash), or possibly obtain sensitive information via a crafted Ghost image.
40 CVE-2015-4334 200 +Info 2015-12-07 2019-02-12
5.0
None Remote Low Not required Partial None None
The default configuration of SGOS in Blue Coat ProxySG before 6.2.16.5, 6.5 before 6.5.7.1, and 6.6 before 6.6.2.1 forwards authentication challenges from upstream origin content servers (OCS) when used in an explicit proxy deployment, which makes it easier for remote attackers to obtain sensitive information via a 407 (aka Proxy Authentication Required) HTTP status code, as demonstrated when using NTLM authentication.
41 CVE-2015-1491 89 Exec Code Sql 2015-08-01 2017-09-21
6.0
None Remote Medium ??? Partial Partial Partial
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
42 CVE-2015-1490 22 Dir. Trav. 2015-08-01 2017-09-21
5.5
None Remote Low ??? None Partial Partial
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package.
43 CVE-2015-1487 20 2015-08-01 2017-09-21
5.5
None Remote Low ??? None Partial Partial
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.
44 CVE-2015-1485 352 CSRF 2015-06-28 2017-09-22
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators.
45 CVE-2015-1484 +Priv 2015-04-22 2017-01-03
6.9
None Local Medium Not required Complete Complete Complete
Unquoted Windows search path vulnerability in the agent in Symantec Workspace Streaming (SWS) 6.1 before SP8 MP2 HF7 and 7.5 before SP1 HF4, when AppMgrService.exe is configured as a service, allows local users to gain privileges via a Trojan horse executable file in the %SYSTEMDRIVE% directory, as demonstrated by program.exe.
46 CVE-2014-9229 89 Exec Code Sql 2015-09-20 2017-09-23
6.5
None Remote Low ??? Partial Partial Partial
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
47 CVE-2014-7289 89 Exec Code Sql 2015-01-21 2021-08-04
6.5
None Remote Low ??? Partial Partial Partial
SQL injection vulnerability in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary SQL commands via a crafted HTTP request.
48 CVE-2014-7287 74 2015-02-01 2017-09-08
5.0
None Remote Low Not required None Partial None
The key-management component in Symantec PGP Universal Server and Encryption Management Server before 3.3.2 MP7 allows remote attackers to trigger unintended content in outbound e-mail messages via a crafted key UID value in an inbound e-mail message, as demonstrated by the outbound Subject header.
49 CVE-2014-7285 77 1 Exec Code 2014-12-17 2017-01-03
6.5
None Remote Low ??? Partial Partial Partial
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.
50 CVE-2014-3439 2014-11-07 2018-10-09
6.1
None Local Network Low Not required None None Complete
ConsoleServlet in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to write to arbitrary files via unspecified vectors.
Total number of vulnerabilities : 151   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.