CVE-2012-4348
Published Dec 18, 2012
Last updated 12 years ago
Overview
- Description
- The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors.
- Source
- cve@mitre.org
- NVD status
- Modified
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 4.1
- Vector string
- AV:A/AC:L/Au:M/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-20
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A8C3211-6088-49D6-8228-C4E9B5DF1631"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.671:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E0A9C72-FD2F-40F3-A094-58FC34F0857A"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.1000:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D997D8A-C093-4250-9481-3ED28E541B4B"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:-:small_business:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7D7E851B-1A0A-4077-9FCF-754D4FF798FF"
},
{
"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:small_business:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A89EF949-E330-4E70-BB93-AFE5E6F75120"
}
],
"operator": "OR"
}
]
}
]