From e4c8411c8fcf52cad3b944a91c9340600fe5d406 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 6 Nov 2017 17:05:12 -0500 Subject: [PATCH] - Added submission from Symantec for SYM17-011 from 2017-11-06. --- 2017/13xxx/CVE-2017-13680.json | 49 +++++++++++++++++++++++++++++++--- 2017/13xxx/CVE-2017-13681.json | 49 +++++++++++++++++++++++++++++++--- 2017/6xxx/CVE-2017-6331.json | 49 +++++++++++++++++++++++++++++++--- 3 files changed, 138 insertions(+), 9 deletions(-) diff --git a/2017/13xxx/CVE-2017-13680.json b/2017/13xxx/CVE-2017-13680.json index 8470cf1693e..56d601d88c1 100644 --- a/2017/13xxx/CVE-2017-13680.json +++ b/2017/13xxx/CVE-2017-13680.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "secure@symantec.com", + "DATE_PUBLIC" : "2017-11-06T00:00:00", "ID" : "CVE-2017-13680", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Symantec Endpoint Protection", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1" + } + ] + } + } + ] + }, + "vendor_name" : "Symantec Corporation" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the product's UI to perform unauthorized file deletes on the resident file system." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Arbitrary File Deletion" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00" } ] } diff --git a/2017/13xxx/CVE-2017-13681.json b/2017/13xxx/CVE-2017-13681.json index b2f53ea82d6..f39dc755ceb 100644 --- a/2017/13xxx/CVE-2017-13681.json +++ b/2017/13xxx/CVE-2017-13681.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "secure@symantec.com", + "DATE_PUBLIC" : "2017-11-06T00:00:00", "ID" : "CVE-2017-13681", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Symantec Endpoint Protection", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to SEP 12.1 RU6 MP9" + } + ] + } + } + ] + }, + "vendor_name" : "Symantec Corporation" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this issue, the capability of exploit is limited by the need to perform multiple file and directory writes to the local filesystem and as such, is not feasible in a standard drive-by type attack." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Privilege Escalation" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00" } ] } diff --git a/2017/6xxx/CVE-2017-6331.json b/2017/6xxx/CVE-2017-6331.json index 9f5428f336a..941473c1793 100644 --- a/2017/6xxx/CVE-2017-6331.json +++ b/2017/6xxx/CVE-2017-6331.json @@ -1,8 +1,32 @@ { "CVE_data_meta" : { - "ASSIGNER" : "cve@mitre.org", + "ASSIGNER" : "secure@symantec.com", + "DATE_PUBLIC" : "2017-11-06T00:00:00", "ID" : "CVE-2017-6331", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "Symantec Endpoint Protection", + "version" : { + "version_data" : [ + { + "version_value" : "Prior to SEP 14 RU1" + } + ] + } + } + ] + }, + "vendor_name" : "Symantec Corporation" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +35,26 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Tamper-protection bypass" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20171106_00" } ] }