- Description
- Multiple unquoted Windows search path vulnerabilities in the (1) File Collector and (2) File PlaceHolder services in Symantec Enterprise Vault (EV) for File System Archiving before 9.0.4 and 10.x before 10.0.1 allow local users to gain privileges via a Trojan horse program.
- Source
- secure@symantec.com
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 10
- Exploitability score
- 3.1
- Vector string
- AV:L/AC:L/Au:S/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:enterprise_vault_for_file_system_archiving:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "36C5BBCC-B0C1-4B90-B2DE-5457419CA88A",
"versionEndIncluding": "9.0.3"
},
{
"criteria": "cpe:2.3:a:symantec:enterprise_vault_for_file_system_archiving:10.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7A76C69-5D78-4287-8E88-D633513CE047"
}
],
"operator": "OR"
}
]
}
]