CVE-2022-37017

Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled.
Configurations

Configuration 1 (hide)

cpe:2.3:a:broadcom:symantec_endpoint_protection:*:*:*:*:*:windows:*:*

History

21 Nov 2024, 07:14

Type Values Removed Values Added
References () https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21014 - Permissions Required, Vendor Advisory () https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21014 - Permissions Required, Vendor Advisory

08 Aug 2023, 14:22

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
References (MISC) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21014 - (MISC) https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21014 - Permissions Required, Vendor Advisory
CPE cpe:2.3:a:broadcom:symantec_endpoint_protection:*:*:*:*:*:windows:*:*
CWE NVD-CWE-noinfo

01 Dec 2022, 18:21

Type Values Removed Values Added
New CVE

Information

Published : 2022-12-01 14:15

Updated : 2024-11-21 07:14


NVD link : CVE-2022-37017

Mitre link : CVE-2022-37017

CVE.ORG link : CVE-2022-37017


JSON object : View

Products Affected

broadcom

  • symantec_endpoint_protection