CVE-2018-12244 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.3 MEDIUM	NETWORK	LOW	NONE	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
symantec	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 62%

Vendor	Product	Version
symantec	endpoint_protection	11.0
symantec	endpoint_protection	11.0:mr1
symantec	endpoint_protection	11.0:mr2
symantec	endpoint_protection	11.0:mr3
symantec	endpoint_protection	11.0:mr4
symantec	endpoint_protection	11.0:mr4-mp2
symantec	endpoint_protection	11.0:ru5
symantec	endpoint_protection	11.0:ru6
symantec	endpoint_protection	11.0:ru6-mp1
symantec	endpoint_protection	11.0:ru6-mp2
symantec	endpoint_protection	11.0:ru6-mp3
symantec	endpoint_protection	11.0:ru6a
symantec	endpoint_protection	11.0:ru7
symantec	endpoint_protection	11.0:ru7-mp1
symantec	endpoint_protection	11.0:ru7-mp2
symantec	endpoint_protection	11.0:ru7-mp4
symantec	endpoint_protection	11.0:ru7-mp4a
symantec	endpoint_protection	11.0:ry7-mp3
symantec	endpoint_protection	12.1
symantec	endpoint_protection	12.1:ru1
symantec	endpoint_protection	12.1:ru1-mp1
symantec	endpoint_protection	12.1:ru2
symantec	endpoint_protection	12.1:ru2-mp1
symantec	endpoint_protection	12.1:ru3
symantec	endpoint_protection	12.1:ru4
symantec	endpoint_protection	12.1:ru4-mp1
symantec	endpoint_protection	12.1:ru4-mp1a
symantec	endpoint_protection	12.1:ru4-mp1b
symantec	endpoint_protection	12.1:ru4a
symantec	endpoint_protection	12.1:ru5
symantec	endpoint_protection	12.1:ru6
symantec	endpoint_protection	12.1:ru6-mp1
symantec	endpoint_protection	12.1:ru6-mp10
symantec	endpoint_protection	12.1:ru6-mp2
symantec	endpoint_protection	12.1:ru6-mp3
symantec	endpoint_protection	12.1:ru6-mp4
symantec	endpoint_protection	12.1:ru6-mp5
symantec	endpoint_protection	12.1:ru6-mp6
symantec	endpoint_protection	12.1:ru6-mp7
symantec	endpoint_protection	12.1:ru6-mp8
symantec	endpoint_protection	14.0.0:mp2
symantec	endpoint_protection	14.0.1
symantec	endpoint_protection	14.0.1:mp1
symantec	endpoint_protection	14.0.1:mp2
symantec	endpoint_protection	14.2
symantec	endpoint_protection	14.2:mp1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
The software saves user-provided information into a Comma-Separated Value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software.

References

https://support.symantec.com/en_US/article.SYMSA1479.html

https://www.securityfocus.com/bid/107999

https://support.symantec.com/en_US/article.SYMSA1479.html

https://www.securityfocus.com/bid/107999