CVE-2012-4350

Multiple unquoted Windows search path vulnerabilities in the (1) Manager and (2) Agent components in Symantec Enterprise Security Manager (ESM) before 11.0 allow local users to gain privileges via unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
VendorProductVersion
symantecenterprise_security_manager
𝑥
≤ 10.0
symantecenterprise_security_manager
6.0
symantecenterprise_security_manager
6.5
symantecenterprise_security_manager
6.5.0
symantecenterprise_security_manager
6.5.1
symantecenterprise_security_manager
6.5.2
symantecenterprise_security_manager
6.5.3
symantecenterprise_security_manager
9.0
symantecenterprise_security_manager
9.0.1
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/56915
http://www.securitytracker.com/id?1027874
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121213_00
http://www.securityfocus.com/bid/56915
http://www.securitytracker.com/id?1027874
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121213_00