Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2020-AVI-122
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Symantec Endpoint Protection. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Symantec | N/A | Symantec Endpoint Protection Small Business Edition (SEP SBE) versions antérieures à 14.2 RU2 MP1 (14.2.5569.2100) | ||
| Symantec | N/A | Symantec Endpoint Protection (SEP) versions antérieures à 14.2 RU2 MP1 (14.2.5569.2100) | ||
| Symantec | N/A | Symantec Endpoint Protection Manager (SEPM) versions antérieures à 14.2 RU2 MP1 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Symantec Endpoint Protection Small Business Edition (SEP SBE) versions ant\u00e9rieures \u00e0 14.2 RU2 MP1 (14.2.5569.2100)",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Endpoint Protection (SEP) versions ant\u00e9rieures \u00e0 14.2 RU2 MP1 (14.2.5569.2100)",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
},
{
"description": "Symantec Endpoint Protection Manager (SEPM) versions ant\u00e9rieures \u00e0 14.2 RU2 MP1",
"product": {
"name": "N/A",
"vendor": {
"name": "Symantec",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-5822",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5822"
},
{
"name": "CVE-2020-5823",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5823"
},
{
"name": "CVE-2020-5829",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5829"
},
{
"name": "CVE-2020-5821",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5821"
},
{
"name": "CVE-2020-5827",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5827"
},
{
"name": "CVE-2020-5831",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5831"
},
{
"name": "CVE-2020-5830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5830"
},
{
"name": "CVE-2020-5820",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5820"
},
{
"name": "CVE-2020-5826",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5826"
},
{
"name": "CVE-2020-5824",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5824"
},
{
"name": "CVE-2020-5825",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5825"
},
{
"name": "CVE-2020-5828",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-5828"
}
],
"initial_release_date": "2020-03-04T00:00:00",
"last_revision_date": "2020-03-04T00:00:00",
"links": [],
"reference": "CERTFR-2020-AVI-122",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-03-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Symantec Endpoint\nProtection. Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Symantec Endpoint Protection",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Symantec SYMSA1505 du 03 mars 2020",
"url": "https://support.broadcom.com/security-advisory/security-advisory-detail.html?notificationId=SYMSA1505"
}
]
}
CVE-2020-5825 (GCVE-0-2020-5825)
Vulnerability from cvelistv5
Published
2020-02-11 17:07
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Arbitrary File Write
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Arbitrary File Write",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:31.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5825",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Arbitrary File Write"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5825",
"datePublished": "2020-02-11T17:07:31.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5820 (GCVE-0-2020-5820)
Vulnerability from cvelistv5
Published
2020-02-11 17:01
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege Escalation
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.921Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:01:32.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5820",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5820",
"datePublished": "2020-02-11T17:01:32.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.921Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5828 (GCVE-0-2020-5828)
Vulnerability from cvelistv5
Published
2020-02-11 17:11
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of Bounds
Summary
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection Manager (SEPM) |
Version: Prior to 14.2 RU2 MP1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.914Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection Manager (SEPM)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:11:18.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5828",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection Manager (SEPM)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5828",
"datePublished": "2020-02-11T17:11:18.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.914Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5829 (GCVE-0-2020-5829)
Vulnerability from cvelistv5
Published
2020-02-11 17:11
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of Bounds
Summary
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection Manager (SEPM) |
Version: Prior to 14.2 RU2 MP1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.936Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection Manager (SEPM)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:11:31.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection Manager (SEPM)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5829",
"datePublished": "2020-02-11T17:11:31.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.936Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5830 (GCVE-0-2020-5830)
Vulnerability from cvelistv5
Published
2020-02-11 17:12
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of Bounds
Summary
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection Manager (SEPM) |
Version: Prior to 14.2 RU2 MP1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.879Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection Manager (SEPM)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:12:50.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5830",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection Manager (SEPM)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5830",
"datePublished": "2020-02-11T17:12:50.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.879Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5831 (GCVE-0-2020-5831)
Vulnerability from cvelistv5
Published
2020-02-11 17:12
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of Bounds
Summary
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection Manager (SEPM) |
Version: Prior to 14.2 RU2 MP1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.919Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection Manager (SEPM)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:12:59.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5831",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection Manager (SEPM)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5831",
"datePublished": "2020-02-11T17:12:59.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5826 (GCVE-0-2020-5826)
Vulnerability from cvelistv5
Published
2020-02-11 17:09
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of Bounds
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:09:08.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5826",
"datePublished": "2020-02-11T17:09:08.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5821 (GCVE-0-2020-5821)
Vulnerability from cvelistv5
Published
2020-02-11 17:02
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- DLL Injection
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.861Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:02:06.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5821",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5821",
"datePublished": "2020-02-11T17:02:07.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.861Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5827 (GCVE-0-2020-5827)
Vulnerability from cvelistv5
Published
2020-02-11 17:09
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out of Bounds
Summary
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection Manager (SEPM) |
Version: Prior to 14.2 RU2 MP1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection Manager (SEPM)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out of Bounds",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:09:19.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5827",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection Manager (SEPM)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out of Bounds"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5827",
"datePublished": "2020-02-11T17:09:19.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5824 (GCVE-0-2020-5824)
Vulnerability from cvelistv5
Published
2020-02-11 17:07
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial of Service
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.932Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:07:04.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5824",
"datePublished": "2020-02-11T17:07:04.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.932Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5823 (GCVE-0-2020-5823)
Vulnerability from cvelistv5
Published
2020-02-11 17:04
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege Escalation
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:40.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5823",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5823",
"datePublished": "2020-02-11T17:04:40.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-5822 (GCVE-0-2020-5822)
Vulnerability from cvelistv5
Published
2020-02-11 17:04
Modified
2024-08-04 08:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Privilege Escalation
Summary
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE) |
Version: Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T08:39:25.924Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Privilege Escalation",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-02-11T17:04:33.000Z",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2020-5822",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)",
"version": {
"version_data": [
{
"version_value": "Prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/us/en/article.SYMSA1505.html",
"refsource": "MISC",
"url": "https://support.symantec.com/us/en/article.SYMSA1505.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2020-5822",
"datePublished": "2020-02-11T17:04:33.000Z",
"dateReserved": "2020-01-06T00:00:00.000Z",
"dateUpdated": "2024-08-04T08:39:25.924Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…