CVE-2013-5009

The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account.

CVSS v2.0 7.4 HIGH

7.4^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:A/AC:M/Au:S/C:C/I:C/A:C

Exploitability : 4.4 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securityfocus.com/bid/64128
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/90224

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:symantec:endpoint_protection:11.0:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0:ru5::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.2:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.6100:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.6200:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.4:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a::::::
	cpe:2.3:a:symantec:endpoint_protection::::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.6300:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0:ru6::::::
	cpe:2.3:a:symantec:endpoint_protection:11.0.7000:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.3001:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.7100:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.6000:::::::*
	cpe:2.3:a:symantec:endpoint_protection:11.0.1:::::::*

Information

Published : 2014-01-10 08:47

Updated : 2017-08-28 18:33

NVD link : CVE-2013-5009

Mitre link : CVE-2013-5009

JSON object : View

CWE

CWE-287

Improper Authentication

Products Affected

symantec

endpoint_protection

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.securityfocus.com/bid/64128", "name": "64128", "tags": [], "refsource": "BID"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00", "name": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140109_00", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90224", "name": "symantec-endpoint-cve20135009-priv-esc(90224)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The Management Console in Symantec Endpoint Protection (SEP) 11.x before 11.0.7.4 and 12.x before 12.1.2 RU2 and Endpoint Protection Small Business Edition 12.x before 12.1.2 RU2 does not properly perform authentication, which allows remote authenticated users to gain privileges by leveraging access to a limited-admin account."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-287"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2013-5009", "ASSIGNER": "secure@symantec.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.4, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 4.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2014-01-10T16:47Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "11.0.7.3"}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-08-29T01:33Z"}

7.4 /10