PT-2018-16831 · Symantec · Symantec Management Agent

Published

2018-07-25

Updated

2019-10-03

CVE-2018-5240

CVSS v3.1

8.0

High

Vector

AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Symantec Management Agent versions prior to 7.6 POST HF7 Symantec Management Agent versions prior to 8.0 POST HF6 Symantec Management Agent versions prior to 8.1 RU7

Description The issue is related to a privilege escalation vulnerability in the Inventory Plugin for Symantec Management Agent. This type of issue allows a user to gain elevated access to resources that are normally protected at lower access levels.

Recommendations For versions prior to 7.6 POST HF7, update to 7.6 POST HF7 or later. For versions prior to 8.0 POST HF6, update to 8.0 POST HF6 or later. For versions prior to 8.1 RU7, update to 8.1 RU7 or later.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-5240

Affected Products

Symantec Management Agent

PT-2018-16831 · Symantec · Symantec Management Agent

CVE-2018-5240

Related Identifiers

Affected Products

References · 5