Symantec Luki w zabezpieczeniach

Oś czasu

Rodzaj

Not Defined	280
Anti-Malware Software	186
Firewall Software	82
Backup Software	42
Anti-Spam Software	8

Produkt

Symantec Endpoint Protection	68
Symantec Web Gateway	37
Symantec Endpoint Protection Manager	34
Symantec Norton Antivirus	26
Symantec Messaging Gateway	22

Przeciwdziałanie

Official Fix	477
Temporary Fix	0
Workaround	13
Unavailable	8
Not Defined	119

Wykorzystywanie

High	50
Functional	1
Proof-of-Concept	248
Unproven	35
Not Defined	283

Wektor dostępu

Not Defined	0
Physical	1
Local	151
Adjacent	59
Network	406

Uwierzytelnianie

Not Defined	0
High	26
Low	177
None	414

Interakcja z użytkownikiem

Not Defined	0
Required	82
None	535

C3BM Index

CVSSv3 Base

≤1	0
≤2	0
≤3	1
≤4	42
≤5	60
≤6	155
≤7	80
≤8	149
≤9	61
≤10	69

CVSSv3 Temp

≤1	0
≤2	0
≤3	4
≤4	55
≤5	95
≤6	140
≤7	126
≤8	107
≤9	53
≤10	37

VulDB

≤1	0
≤2	1
≤3	9
≤4	44
≤5	64
≤6	164
≤7	60
≤8	149
≤9	57
≤10	69

NVD

≤1	0
≤2	0
≤3	2
≤4	8
≤5	12
≤6	31
≤7	27
≤8	58
≤9	15
≤10	13

CNA

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	1
≤10	0

Sprzedawca

≤1	0
≤2	0
≤3	3
≤4	8
≤5	9
≤6	9
≤7	17
≤8	11
≤9	1
≤10	0

Research

≤1	0
≤2	0
≤3	0
≤4	0
≤5	0
≤6	0
≤7	0
≤8	0
≤9	0
≤10	0

Exploit 0-day

<1k	1
<2k	4
<5k	49
<10k	184
<25k	267
<50k	106
<100k	5
≥100k	1

Wykorzystaj dzisiaj

<1k	552
<2k	10
<5k	25
<10k	21
<25k	9
<50k	0
<100k	0
≥100k	0

Wykorzystaj wielkość rynku

🔴 CTI Zajęcia

Affected Products (174): ASG (2), AV Engine (1), Advanced Secure Gateway (9), Altiris (1), Altiris Deployment Solution (19), Altiris IT Management Suite (1), Altiris Notification Server (6), Altiris WISE Package Studio (1), Anti-Virus Engine (1), AntiVirus (17), AntiVirus Corporate Edition (3), AntiVirus Scan Engine (1), Antivirus (2), Antivirus Scan Engine (5), AppStream (1), AppStream Client (1), Automated Support Assistant (3), Backup (2), Backup Exec (18), Backup Exec System Recovery (2), BackupExec System Recovery (1), Backupexec System Recovery (4), Brightmail AntiSpam (6), Brightmail Antispam (1), Brightmail Gateway (1), Brightmail Gateway Appliance (2), CacheFlow (1), Client Security (6), Clientless Vpn Gateway 4400 (1), Cluster Server (1), Compliance Server (2), Content Analysis Module (1), Critical System Protection (6), Data Center Security (9), Data Center Security Manager (1), Data Insight (2), Data Loss Prevention (4), Data Loss Prevention Detection Servers (1), Deployment Solution (1), Encryption Desktop (10), Encryption Management Server (9), Endpoint Detection (2), Endpoint Detection & Response (1), Endpoint Detection and Response Appliance (1), Endpoint Encryption (9), Endpoint Protection (68), Endpoint Protection AVEngine (2), Endpoint Protection Manager (34), Endpoint Protection SBE (1), Endpoint Protection Small Business Edition (15), Enterprise Firewall (14), Enterprise Security Manager (4), Enterprise Server (1), Enterprise Vault (1), Filter (1), Firewall (7), Gateway (4), Gateway Security (3), Gateway Security 5400 (1), Ghost (2), Ghost Solution Suite (1), Ghost Solutions Suite (3), I-gear (1), IM Manager (8), IT Analytics (1), ITMS (1), Industrial Control System Protection (1), Install Norton Security (1), IntelligenceCenter (1), Java! JIT Compiler (1), Layer7 API Management OAuth Toolkit (1), LiveUpdate (12), LiveUpdate Administrator (2), Livestate Agent (1), Mail-Gear (1), Mail Security (7), Mail Security Appliance (1), Mail Security for Domino (2), Mail Security for MS Exchange (1), Mail Security for Microsoft Exchange (2), Mail Threat Defense (1), Management Agent (2), Management Center (1), Management Console (2), Management Platform (1), Message Filter (4), Message Gateway (2), Messaging Gateway (22), Messaging Gateway SMG (2), Mobile Security (1), My VIP Portal (1), NetBackup (1), NetBackup Appliance (1), NetBackup OpsCenter Server (1), NetBackup PureDisk (1), NetBackup PureDisk Remote Office Edition (1), NetBackup Server (1), Network Access Control (2), Norton 360 (1), Norton Anti-Virus (1), Norton AntiVirus (13), Norton Antispam (1), Norton Antivirus (26), Norton Antivirus for Internet Email Gateway (1), Norton Core (1), Norton Ghost (9), Norton Internet Security (13), Norton Internet Security 2008 (1), Norton Internet Security 2010 (1), Norton Personal Firewall (8), Norton Security (3), Norton System Works (4), Norton Utilities (1), Norton_internet_security (2), ON Command CCM (1), On-Demand Agent (1), On Command Discovery (1), PGP (1), PGP Desktop (2), PGP Universal Server (1), PGP Whole Disk Encryption (1), PowerQuest DeployCenter (1), Products (1), ProxyClient (1), ProxySG (11), Raptor (1), Raptor Firewall (3), Reporter (1), Reporter CLI (1), Reporter Web UI (1), Response (2), SAV (1), SONAR (1), SSL Visibility (1), Security Analytics (2), Security Check Service (1), Security Check Virus Detection (1), SecurityExpressions Audit (2), Security Information Manager (4), Storage Foundation (1), Sygate Management Server (1), Sygate NAC (1), Sygate Personal Firewall (2), Symantec Antivirus Scan Engine (2), Symantec Endpoint Protection Cloud (2), System Recovery (1), System Works (1), VIP Access Desktop (1), VIP Access for Desktop (1), VIP Enterprise Gateway (1), VPN (2), VPN Appliance (2), VPN Appliances (2), Velociraptor (2), Veritas Backup (1), Veritas Backup Exec (2), Veritas Cluster Server (1), Veritas Command Central Storage Change Manager (1), Veritas File System (2), Veritas Netbackup (5), Veritas Netbackup Server (1), Veritas Storage Foundation (3), Veritas Volume Manager (1), Veritas Volume Replicator (1), Web Gateway (37), Web Isolation (1), Web Security (6), WinFax Pro (1), Workspace Streaming (4), Workspace Virtualization (3), i3 Focalpoint Server (1), iCommand (1), norton antivirus (2), pcAnywhere (21)

Link to Vendor Website: https://www.symantec.com/

Opublikowano	Base	Temp	Słaby punkt	Prod	Wyk	Prz	CTI	EPSS	CVE
2023-01-21	7.0	6.9	Symantec Endpoint Protection privilege escalation	Anti-Malware Software	Not Defined	Official Fix	0.05	0.00043	CVE-2022-25631
2022-12-01	6.5	6.4	Symantec Endpoint Protection privilege escalation	Anti-Malware Software	Not Defined	Official Fix	0.09	0.00048	CVE-2022-37017
2022-12-01	7.6	7.6	Symantec Endpoint Protection privilege escalation	Anti-Malware Software	Not Defined	Not Defined	0.05	0.00091	CVE-2022-37016
2022-11-09	7.6	7.5	Symantec Endpoint Detection and Response Appliance Privilege Escalation	Nieznany	Not Defined	Official Fix	0.02	0.00092	CVE-2022-37015
2022-07-28	7.3	7.3	Symantec Veritas Netbackup weak authentication	Backup Software	Not Defined	Not Defined	0.03	0.00055	CVE-2022-36956
2022-07-07	8.2	8.2	Symantec Advanced Secure Gateway/ProxySG HTTP weak authentication	Firewall Software	Not Defined	Not Defined	0.00	0.00104	CVE-2021-46825
2022-03-05	8.8	8.8	Symantec Management Agent Registry privilege escalation	Nieznany	Not Defined	Not Defined	0.03	0.00043	CVE-2022-25623
2022-02-18	3.5	3.4	Symantec Layer7 API Management OAuth Toolkit Web UI cross site scripting	Automation Software	Not Defined	Official Fix	0.05	0.00086	CVE-2021-30650
2021-07-01	6.3	6.3	Symantec Advanced Secure Gateway/ProxySG Web Management Console weak authentication	Firewall Software	Not Defined	Not Defined	0.01	0.00216	CVE-2021-30648
2021-04-27	7.3	7.0	Symantec Security Analytics Web UI privilege escalation	Nieznany	Not Defined	Official Fix	0.00	0.00331	CVE-2021-30642
2020-12-10	4.3	4.1	Symantec Messaging Gateway Web UI information disclosure	Nieznany	Not Defined	Official Fix	0.03	0.00065	CVE-2020-12595
2020-12-10	8.8	8.4	Symantec Messaging Gateway CLI privilege escalation	Nieznany	Not Defined	Official Fix	0.03	0.00114	CVE-2020-12594
2020-11-19	5.5	5.3	Symantec Endpoint Detection & Response information disclosure	Nieznany	Not Defined	Official Fix	0.06	0.00115	CVE-2020-12593
2020-07-08	6.4	6.1	Symantec Endpoint Detection/Response information disclosure	Nieznany	Not Defined	Official Fix	0.01	0.00129	CVE-2020-5839
2020-05-13	3.6	3.4	Symantec IT Analytics cross site scripting	Nieznany	Not Defined	Official Fix	0.01	0.00054	CVE-2020-5838
2020-05-11	7.8	7.5	Symantec Endpoint Protection Log File privilege escalation	Anti-Malware Software	Not Defined	Official Fix	0.03	0.00045	CVE-2020-5837
2020-05-11	7.1	6.8	Symantec Endpoint Protection ACL privilege escalation	Anti-Malware Software	Not Defined	Official Fix	0.00	0.00045	CVE-2020-5836
2020-05-11	6.8	6.5	Symantec Endpoint Protection Manager Client Remote Deployment race condition	Anti-Malware Software	Not Defined	Official Fix	0.08	0.00045	CVE-2020-5835
2020-05-11	6.0	5.7	Symantec Endpoint Protection Manager directory traversal	Anti-Malware Software	Not Defined	Official Fix	0.07	0.00074	CVE-2020-5834
2020-05-11	4.0	3.8	Symantec Endpoint Protection Manager information disclosure	Anti-Malware Software	Not Defined	Official Fix	0.06	0.00045	CVE-2020-5833
2020-04-06	6.5	6.3	Symantec Data Center Security Manager privilege escalation	Nieznany	Not Defined	Official Fix	0.00	0.00045	CVE-2020-5832
2020-02-03	4.0	3.8	Symantec Endpoint Protection information disclosure	Anti-Malware Software	Not Defined	Official Fix	0.00	0.00045	CVE-2020-5831
2020-02-03	4.0	3.8	Symantec Endpoint Protection information disclosure	Anti-Malware Software	Not Defined	Official Fix	0.01	0.00045	CVE-2020-5830
2020-02-03	4.0	3.8	Symantec Endpoint Protection information disclosure	Anti-Malware Software	Not Defined	Official Fix	0.01	0.00045	CVE-2020-5829
2020-02-03	4.0	3.8	Symantec Endpoint Protection information disclosure	Anti-Malware Software	Not Defined	Official Fix	0.00	0.00045	CVE-2020-5828

592 więcej wpisów nie jest pokazywanych

🔒 Login Required

You need to signup and login to see more of the remaining 592 results.

◂ PoprzedniPrzeglądKolejny ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!