CVE-2020-5830 - Vulnerability Details - OpenCVE

ReportizFlow

Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Symantec	Endpoint Protection Manager

Configuration 1 [-]

OR	cpe:2.3:a:symantec:endpoint_protection_manager::::::::
	cpe:2.3:a:symantec:endpoint_protection_manager:14.2:-::::::
	cpe:2.3:a:symantec:endpoint_protection_manager:14.2:mp1::::::
	cpe:2.3:a:symantec:endpoint_protection_manager:14.2:ru1::::::
	cpe:2.3:a:symantec:endpoint_protection_manager:14.2:ru1-mp1::::::
	cpe:2.3:a:symantec:endpoint_protection_manager:14.2:ru2::::::

No data.

References

Link	Providers
https://support.symantec.com/us/en/article.SYMSA1505.html

History

No history.

MITRE

Status: PUBLISHED

Assigner: symantec

Published: 2020-02-11T17:12:50

Updated: 2024-08-04T08:39:25.879Z

Reserved: 2020-01-06T00:00:00

Link: CVE-2020-5830

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-02-11T18:15:17.387

Modified: 2024-11-21T05:34:39.740

Link: CVE-2020-5830

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Symantec Endpoint Protection Manager (SEPM)", "vendor": "n/a", "versions": [{"status": "affected", "version": "Prior to 14.2 RU2 MP1"}]}], "descriptions": [{"lang": "en", "value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."}], "problemTypes": [{"descriptions": [{"description": "Out of Bounds", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-02-11T17:12:50", "orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "shortName": "symantec"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://support.symantec.com/us/en/article.SYMSA1505.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "[email protected]", "ID": "CVE-2020-5830", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Symantec Endpoint Protection Manager (SEPM)", "version": {"version_data": [{"version_value": "Prior to 14.2 RU2 MP1"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Out of Bounds"}]}]}, "references": {"reference_data": [{"name": "https://support.symantec.com/us/en/article.SYMSA1505.html", "refsource": "MISC", "url": "https://support.symantec.com/us/en/article.SYMSA1505.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T08:39:25.879Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://support.symantec.com/us/en/article.SYMSA1505.html"}]}]}, "cveMetadata": {"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5", "assignerShortName": "symantec", "cveId": "CVE-2020-5830", "datePublished": "2020-02-11T17:12:50", "dateReserved": "2020-01-06T00:00:00", "dateUpdated": "2024-08-04T08:39:25.879Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "E8F6DC2F-C45D-40DD-85F1-2F6203801D11", "versionEndExcluding": "14.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:14.2:-:*:*:*:*:*:*", "matchCriteriaId": "B1C4C14C-66AF-407C-8724-7C16A839DE44", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:14.2:mp1:*:*:*:*:*:*", "matchCriteriaId": "15131034-0111-472A-91B4-14870AAB625E", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:14.2:ru1:*:*:*:*:*:*", "matchCriteriaId": "C72A5FE1-0382-46BC-9E8F-B338443F89AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:14.2:ru1-mp1:*:*:*:*:*:*", "matchCriteriaId": "9FCFBFF5-7341-4CB8-85CD-CD9ECBA3E457", "vulnerable": true}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection_manager:14.2:ru2:*:*:*:*:*:*", "matchCriteriaId": "807566A6-CF73-48DD-881B-13E2EF8FD077", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program."}, {"lang": "es", "value": "Symantec Endpoint Protection Manager (SEPM), versiones anteriores a 14.2 RU2 MP1, puede ser susceptible a una vulnerabilidad fuera de l\u00edmites, que es un tipo de problema que resulta en que una aplicaci\u00f3n existente lea la memoria fuera de los l\u00edmites de la memoria que ha sido asignada al programa."}], "id": "CVE-2020-5830", "lastModified": "2024-11-21T05:34:39.740", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 2.1, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2020-02-11T18:15:17.387", "references": [{"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://support.symantec.com/us/en/article.SYMSA1505.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://support.symantec.com/us/en/article.SYMSA1505.html"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-125"}], "source": "[email protected]", "type": "Primary"}]}