CVE-2019-9701
Published Jun 19, 2019
Last updated 5 years ago
Overview
- Description
- DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site scripting (XSS) vulnerability, a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.
- Source
- secure@symantec.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 4.8
- Impact score
- 2.7
- Exploitability score
- 1.7
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.5
- Impact score
- 2.9
- Exploitability score
- 6.8
- Vector string
- AV:N/AC:M/Au:S/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- CWE-79
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F842F400-93B3-4376-AFCC-C8C9C63896B6"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3972E2E8-DA86-4892-883C-65462FB9A190"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0193904A-0BAA-4660-9327-2F8276FA4D3D"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D252B8D3-C41D-4D99-AB59-3D6F5E14D829"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.5:mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8A2EAFF5-D676-43FF-97C9-8070D49EF4F3"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1ECB2955-D76C-48C5-BD82-93CF0D3BDB53"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.6:mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F17CD295-737A-4F45-B938-AE811C4ACDF1"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.6:mp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "90E32E87-B5FB-4921-A25C-43D20DF47359"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:14.6:mp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "78A62EE3-6605-4D8F-9510-26835CA8C61A"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:15.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "79B13E58-8A7D-485E-8EAE-FB253B0DC154"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:15.0:mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C9209A5C-9CB4-4C24-83D3-466DF0BDDA9D"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:15.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2C87CECE-4CFE-4398-8017-AE2F838CA4B3"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:15.1:mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E20035F-CEFF-489D-92E2-2EA8B3CAA554"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:15.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6E19E68C-4B5E-4A1B-BEA6-516D9C84FB5A"
},
{
"criteria": "cpe:2.3:a:symantec:data_loss_prevention:15.5:mp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3269E939-1943-44AF-9E60-DF79EB14E9C1"
}
],
"operator": "OR"
}
]
}
]