Details of VAR-201811-0074

ID

VAR-201811-0074

CVE

CVE-2018-12238

TITLE

plural Symantec Vulnerabilities related to security functions in products

Trust: 0.8

sources: JVNDB: JVNDB-2018-011301

DESCRIPTION

Norton prior to 22.15; Symantec Endpoint Protection (SEP) prior to 12.1.7454.7000 & 14.2; Symantec Endpoint Protection Small Business Edition (SEP SBE) prior to NIS-22.15.1.8 & SEP-12.1.7454.7000; and Symantec Endpoint Protection Cloud (SEP Cloud) prior to 22.15.1 may be susceptible to an AV bypass issue, which is a type of exploit that works to circumvent one of the virus detection engines to avoid a specific type of virus protection. One of the antivirus engines depends on a signature pattern from a database to identify malicious files and viruses; the antivirus bypass exploit looks to alter the file being scanned so it is not detected. plural Symantec The product contains vulnerabilities related to security functions.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Multiple Symantec Products are prone to an local security-bypass vulnerability. Local attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Symantec Norton and others are products of Symantec Corporation of the United States. Symantec Norton is an antivirus program. Endpoint Protection (SEP) is an endpoint protection program. Attackers can exploit this vulnerability to bypass detection by virus detection engines

Trust: 1.98

sources: NVD: CVE-2018-12238 // JVNDB: JVNDB-2018-011301 // BID: 105917 // VULHUB: VHN-122177

AFFECTED PRODUCTS

vendor:	symantec	model:	norton antivirus	scope:	lt	version:	22.15	Trust: 1.8
vendor:	symantec	model:	endpoint protection	scope:	lt	version:	12.1.7454.7000	Trust: 1.8
vendor:	symantec	model:	endpoint protection cloud	scope:	lt	version:	22.15.1	Trust: 1.8
vendor:	symantec	model:	endpoint protection	scope:	gte	version:	11.0	Trust: 1.0
vendor:	symantec	model:	endpoint protection	scope:	lte	version:	14.2	Trust: 1.0
vendor:	symantec	model:	endpoint protection	scope:	gte	version:	14.0	Trust: 1.0
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	14.2	Trust: 0.8
vendor:	symantec	model:	endpoint protection small business edition	scope:	lt	version:	nis-22.15.1.8	Trust: 0.8
vendor:	symantec	model:	endpoint protection small business edition	scope:	eq	version:	sep-12.1.7454.7000	Trust: 0.8
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.4000.2295	Trust: 0.6
vendor:	symantec	model:	endpoint protection ru6	scope:	eq	version:	11.0	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2020	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.1.1007	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2021	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2001	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2011	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2000	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.1.1008	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.1	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2010	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	10.0.2.2002	Trust: 0.6
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	5.02	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	5.0	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	22.7	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	21.0	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	eq	version:	17.6.0.32	Trust: 0.3
vendor:	symantec	model:	endpoint protection cloud	scope:	eq	version:	12.1.6	Trust: 0.3
vendor:	symantec	model:	endpoint protection cloud	scope:	eq	version:	14	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp4	scope:	eq	version:	12.1.6	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.6	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.5	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.3	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru2	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.2	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.4010.26	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.4010.19	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.4000	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.3001.2224	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.2020.56	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.2010.25	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.2001.10	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.2000.1567	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.1005.1428	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.1002.1378	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.1000.1375	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.781.1287	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.780.1109	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.7	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.4	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.2	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	14.0.3752.1000	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp1	scope:	eq	version:	14.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	14.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.671	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp5	scope:	eq	version:	12.1.6	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.4100.4126	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.4013	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.4	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.2015.2015	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.2.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.1000	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.1.1.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru7	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp9	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp7	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp6	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp5	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp10	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru4 mp1b	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru3	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru2	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru1-mp1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp1	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection small busines	scope:	eq	version:	12.1-	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp5	scope:	eq	version:	12.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection small busines	scope:	eq	version:	12.0-	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	12.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.1.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.7100	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.7000	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.7.4	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.7.3	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.7.2	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.7.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.6300	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.6200.754	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.6200	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.6100	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.6000	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.4202.75	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp2	scope:	eq	version:	11.0.4	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp1a	scope:	eq	version:	11.0.4	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0.3001	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp2	scope:	eq	version:	11.0.2	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp1	scope:	eq	version:	11.0.2	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp2	scope:	eq	version:	11.0.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection mp1	scope:	eq	version:	11.0.1	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru7-mp3	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru7 mp2	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru7 mp1	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6mp2	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6mp1	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6a	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6-mp3(11.0.63	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6-mp2(11.0.62	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6-mp1(11.0.61	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp4	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp3	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp2	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru6 mp1	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru5	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection ru4	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection mr3	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection mr2	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection mr1	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	eq	version:	11.0	Trust: 0.3
vendor:	symantec	model:	norton antivirus	scope:	ne	version:	22.15	Trust: 0.3
vendor:	symantec	model:	endpoint protection cloud	scope:	ne	version:	22.15	Trust: 0.3
vendor:	symantec	model:	endpoint protection nis-22.15.1.8 smal	scope:	ne	version:	-	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	ne	version:	14.2	Trust: 0.3
vendor:	symantec	model:	endpoint protection sma	scope:	ne	version:	12.1.7454.7000-	Trust: 0.3
vendor:	symantec	model:	endpoint protection	scope:	ne	version:	12.1.7454.7000	Trust: 0.3

sources: BID: 105917 // JVNDB: JVNDB-2018-011301 // CNNVD: CNNVD-201811-909 // NVD: CVE-2018-12238

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-12238
value:	HIGH
Trust: 1.0
NVD:	CVE-2018-12238
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201811-909
value:	HIGH
Trust: 0.6
VULHUB:	VHN-122177
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2018-12238
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-122177
severity:	MEDIUM
baseScore:	4.6
vectorString:	AV:L/AC:L/AU:N/C:P/I:P/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2018-12238
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: VULHUB: VHN-122177 // JVNDB: JVNDB-2018-011301 // CNNVD: CNNVD-201811-909 // NVD: CVE-2018-12238

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	CWE-254	Trust: 0.8

sources: JVNDB: JVNDB-2018-011301 // NVD: CVE-2018-12238

THREAT TYPE

local

Trust: 0.9

sources: BID: 105917 // CNNVD: CNNVD-201811-909

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201811-909

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-011301

PATCH

title:	SYMSA1468	url:	https://support.symantec.com/content/unifiedweb/en_US/article.SYMSA1468.html	Trust: 0.8
title:	Multiple Symantec Product security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87325	Trust: 0.6

sources: JVNDB: JVNDB-2018-011301 // CNNVD: CNNVD-201811-909

EXTERNAL IDS

db:	NVD	id:	CVE-2018-12238	Trust: 2.8
db:	BID	id:	105917	Trust: 2.0
db:	JVNDB	id:	JVNDB-2018-011301	Trust: 0.8
db:	CNNVD	id:	CNNVD-201811-909	Trust: 0.7
db:	VULHUB	id:	VHN-122177	Trust: 0.1

sources: VULHUB: VHN-122177 // BID: 105917 // JVNDB: JVNDB-2018-011301 // CNNVD: CNNVD-201811-909 // NVD: CVE-2018-12238

REFERENCES

url:	https://support.symantec.com/content/unifiedweb/en_us/article.symsa1468.html	Trust: 2.0
url:	http://www.securityfocus.com/bid/105917	Trust: 1.7
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12238	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-12238	Trust: 0.8
url:	http://www.symantec.com	Trust: 0.3

sources: VULHUB: VHN-122177 // BID: 105917 // JVNDB: JVNDB-2018-011301 // CNNVD: CNNVD-201811-909 // NVD: CVE-2018-12238

CREDITS

Qualys Malware Research Lab

Trust: 0.3

sources: BID: 105917

SOURCES

db:	VULHUB	id:	VHN-122177
db:	BID	id:	105917
db:	JVNDB	id:	JVNDB-2018-011301
db:	CNNVD	id:	CNNVD-201811-909
db:	NVD	id:	CVE-2018-12238

LAST UPDATE DATE

2024-11-23T22:51:58.278000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-122177	date:	2019-10-03T00:00:00
db:	BID	id:	105917	date:	2018-11-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-011301	date:	2019-01-09T00:00:00
db:	CNNVD	id:	CNNVD-201811-909	date:	2019-10-23T00:00:00
db:	NVD	id:	CVE-2018-12238	date:	2024-11-21T03:44:50.323

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-122177	date:	2018-11-29T00:00:00
db:	BID	id:	105917	date:	2018-11-28T00:00:00
db:	JVNDB	id:	JVNDB-2018-011301	date:	2019-01-09T00:00:00
db:	CNNVD	id:	CNNVD-201811-909	date:	2018-11-30T00:00:00
db:	NVD	id:	CVE-2018-12238	date:	2018-11-29T14:29:00.250