CVE-2019-12750

high

Description

Symantec Endpoint Protection, prior to 14.2 RU1 & 12.1 RU6 MP10 and Symantec Endpoint Protection Small Business Edition, prior to 12.1 RU6 MP10c (12.1.7491.7002), may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.

References

https://support.symantec.com/us/en/article.SYMSA1487.html

http://seclists.org/fulldisclosure/2019/Dec/21

http://seclists.org/fulldisclosure/2019/Dec/11

http://packetstormsecurity.com/files/155581/Symantec-Endpoint-Protection-Information-Disclosure-Privilege-Escalation.html

Details

Source: Mitre, NVD

Published: 2019-07-31

Updated: 2020-08-24

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High