The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106518 | Third Party Advisory VDB Entry |
https://support.symantec.com/en_US/article.SYMSA1465.html | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: symantec
Published: 2019-01-10T00:00:00
Updated: 2019-01-25T10:57:01
Reserved: 2018-06-12T00:00:00
Link: CVE-2018-12237
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-01-24T21:29:00.243
Modified: 2019-02-11T19:23:46.727
Link: CVE-2018-12237
JSON object: View
Redhat Information
No data.
CWE