From d6c997e59324f75629acbc1147436697786890ad Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 26 Mar 2018 11:07:11 -0400 Subject: [PATCH] - Added submission from Symantec for SYM18-001 from 2018-03-26. --- 2017/15xxx/CVE-2017-15534.json | 49 +++++++++++++++++++++++++++++++--- 1 file changed, 46 insertions(+), 3 deletions(-) diff --git a/2017/15xxx/CVE-2017-15534.json b/2017/15xxx/CVE-2017-15534.json index baa01c9d696..cdf7fc5e074 100644 --- a/2017/15xxx/CVE-2017-15534.json +++ b/2017/15xxx/CVE-2017-15534.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "secure@symantec.com", + "DATE_PUBLIC" : "2018-03-26T00:00:00", "ID" : "CVE-2017-15534", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Norton App Lock", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to version 1.3.0.13" + } + ] + } + } + ] + }, + "vendor_name" : "Symantec Corporation" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "The Norton App Lock can be susceptible to an authentication bypass exploit. In this type of circumstance, the exploit can allow the user to kill the app to prevent it from locking the device, thereby allowing the individual to gain device access." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Authentication bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20180326_00" } ] }