CVE-2017-15526 Information

Description

Prior to SEE v11.1.3MP1 Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue which can result in a NullPointerException that can lead to a privilege escalation scenario.

CVSS Vector

CVSS:3.0/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/101698 https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171113_00

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

6.8