CVE-2018-18367

Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
symantecCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 59%
VendorProductVersion
symantecendpoint_protection_manager
12.1:rtm
symantecendpoint_protection_manager
12.1:ru1
symantecendpoint_protection_manager
12.1:ru1-mp1
symantecendpoint_protection_manager
12.1:ru2
symantecendpoint_protection_manager
12.1:ru2-mp1
symantecendpoint_protection_manager
12.1:ru3
symantecendpoint_protection_manager
12.1:ru4
symantecendpoint_protection_manager
12.1:ru4-mp1
symantecendpoint_protection_manager
12.1:ru4-mp1a
symantecendpoint_protection_manager
12.1:ru4-mp1b
symantecendpoint_protection_manager
12.1:ru4a
symantecendpoint_protection_manager
12.1:ru5
symantecendpoint_protection_manager
12.1:ru6
symantecendpoint_protection_manager
12.1:ru6-mp1
symantecendpoint_protection_manager
12.1:ru6-mp1a
symantecendpoint_protection_manager
12.1:ru6-mp2
symantecendpoint_protection_manager
12.1:ru6-mp3
symantecendpoint_protection_manager
12.1:ru6-mp4
symantecendpoint_protection_manager
12.1:ru6-mp5
symantecendpoint_protection_manager
12.1:ru6-mp6
symantecendpoint_protection_manager
12.1:ru6-mp7
symantecendpoint_protection_manager
12.1:ru6-mp8
symantecendpoint_protection_manager
12.1:ru6-mp9
symantecendpoint_protection_manager
14.0.1
symantecendpoint_protection_manager
14.0.1:mp1
symantecendpoint_protection_manager
14.0.1:mp2
symantecendpoint_protection_manager
14.1
symantecendpoint_protection_manager
14.2
symantecendpoint_protection_manager
14.2:mp1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/107996
https://support.symantec.com/en_US/article.SYMSA1479.html
http://www.securityfocus.com/bid/107996
https://support.symantec.com/en_US/article.SYMSA1479.html