CVE-2018-18367 (GCVE-0-2018-18367)
Vulnerability from cvelistv5
Published
2019-04-25 19:22
Modified
2024-08-05 11:08
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- DLL Preloading
Summary
Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.
References
| ► | URL | Tags | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Symantec Corporation | Symantec Endpoint Protection Manager |
Version: Prior to and including 12.1 RU6 MP9 Version: Prior to 14.2 RU1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T11:08:21.714Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107996",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/107996"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Symantec Endpoint Protection Manager",
"vendor": "Symantec Corporation",
"versions": [
{
"status": "affected",
"version": "Prior to and including 12.1 RU6 MP9"
},
{
"status": "affected",
"version": "Prior to 14.2 RU1"
}
]
}
],
"datePublic": "2019-04-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "DLL Preloading",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-25T19:22:17",
"orgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"shortName": "symantec"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107996",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/107996"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@symantec.com",
"ID": "CVE-2018-18367",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Symantec Endpoint Protection Manager",
"version": {
"version_data": [
{
"version_value": "Prior to and including 12.1 RU6 MP9"
},
{
"version_value": "Prior to 14.2 RU1"
}
]
}
}
]
},
"vendor_name": "Symantec Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Preloading"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.symantec.com/en_US/article.SYMSA1479.html",
"refsource": "CONFIRM",
"url": "https://support.symantec.com/en_US/article.SYMSA1479.html"
},
{
"name": "107996",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/107996"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "80d3bcb6-88de-48c2-a47e-aebf795f19b5",
"assignerShortName": "symantec",
"cveId": "CVE-2018-18367",
"datePublished": "2019-04-25T19:22:17",
"dateReserved": "2018-10-15T00:00:00",
"dateUpdated": "2024-08-05T11:08:21.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-18367\",\"sourceIdentifier\":\"secure@symantec.com\",\"published\":\"2019-04-25T20:29:02.257\",\"lastModified\":\"2024-11-21T03:55:48.240\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead.\"},{\"lang\":\"es\",\"value\":\"Symantec Endpoint Protection Manager (SEPM), en versiones anteriores e incluyendo a 12.1 RU6 MP9 y anteriores a 14.2 RU1, puede ser susceptible a una vulnerabilidad de precarga de DLL, que es un tipo de problema que puede ocurrir cuando una aplicaci\u00f3n busca llamar a una DLL para su ejecuci\u00f3n y un atacante proporciona una DLL maliciosa para usar en su lugar.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:P/A:P\",\"baseScore\":6.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-426\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:rtm:*:*:*:*:*:*\",\"matchCriteriaId\":\"B672BF68-0DED-426F-AA31-1B76807230E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4CA6352-2ABA-429B-A819-87A4AC8A704A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru1-mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"106ECE24-7D1B-496C-9780-3F936A8BBEB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru2:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B8BBCCE-6079-466D-8FEF-0F2BF45A9B61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru2-mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"0AF9640B-EFF4-47DA-8547-8A2EB7F94495\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru3:*:*:*:*:*:*\",\"matchCriteriaId\":\"51C1E440-D22D-4A38-AEDB-CD91FC7EE66D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru4:*:*:*:*:*:*\",\"matchCriteriaId\":\"99063B1D-9665-4930-927F-208CC1407FAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru4-mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BFBDA2F-F6FD-4612-A475-D6420DC42F01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru4-mp1a:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7664803-F871-4B97-BEEA-745F201727CF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru4-mp1b:*:*:*:*:*:*\",\"matchCriteriaId\":\"7919ABDE-8502-48E5-9BB5-A35CFB739DC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru4a:*:*:*:*:*:*\",\"matchCriteriaId\":\"D27065C8-F545-4789-B603-76E455B9E004\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru5:*:*:*:*:*:*\",\"matchCriteriaId\":\"D59D3E7D-7612-4EE0-9202-3CCD4ADCD2BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6:*:*:*:*:*:*\",\"matchCriteriaId\":\"162CFA1F-31A5-4FAD-B0C4-C0554BB41F15\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"89D5A17E-364D-4CB8-A993-E9FDE3A7CA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp1a:*:*:*:*:*:*\",\"matchCriteriaId\":\"3617F8EA-1EAB-431E-B91D-2856FCECAD1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"265E189E-E0BA-4DEB-9E3B-85E63745E858\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFFACE1B-25E3-449F-9ADF-89479D4E8217\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp4:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DC18F5D-29B8-408F-945A-EA3BCED21413\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp5:*:*:*:*:*:*\",\"matchCriteriaId\":\"AAD94BA1-9F03-484B-B59C-512D81EA2F11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp6:*:*:*:*:*:*\",\"matchCriteriaId\":\"56AD1440-95D4-4056-A91A-A172183EDBF7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp7:*:*:*:*:*:*\",\"matchCriteriaId\":\"23B2FBAE-3DFA-42D9-A3B0-F8128B743E6E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp8:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B19539D-D88E-48B1-88E6-B018A5823871\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:12.1:ru6-mp9:*:*:*:*:*:*\",\"matchCriteriaId\":\"B47768FF-B636-46B4-BB5C-F810A960E86F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3B3A9535-EE47-4082-9067-57C123FD7E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14:mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"E62D9514-7F15-4268-975B-CCAF1A452653\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14:mp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BFE2C7D-F285-4FFE-B335-2F0BB01D46CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"480356B5-FA66-410C-964F-23093722B17F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14.0.1:mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"392639F5-44C8-40BF-B2E5-2E0E46EE7ECE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14.0.1:mp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"40430FBE-B637-4FE6-B193-44B7B4F9E3B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"770A88E4-70E8-4F9F-951C-E31BAB7C0654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11C6BE1B-F587-4C6F-AEF8-5E452323A5A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:symantec:endpoint_protection_manager:14.2:mp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"15131034-0111-472A-91B4-14870AAB625E\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/107996\",\"source\":\"secure@symantec.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.symantec.com/en_US/article.SYMSA1479.html\",\"source\":\"secure@symantec.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/107996\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://support.symantec.com/en_US/article.SYMSA1479.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…