CVE-2015-8801

low

Description

Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.

References

https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01

http://www.securitytracker.com/id/1036196

http://www.securityfocus.com/bid/91446

Details

Source: Mitre, NVD

Published: 2016-06-30

Updated: 2017-09-01

Risk Information

CVSS v2

Base Score: 3.3

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:N

Severity: Low

CVSS v3

Base Score: 2.9

Vector: CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

Severity: Low