CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-12237

The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.017

EPSS Ranking 81.4%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 9.0

References

http://www.securityfocus.com/bid/106518
https://support.symantec.com/en_US/article.SYMSA1465.html
http://www.securityfocus.com/bid/106518
https://support.symantec.com/en_US/article.SYMSA1465.html

Products affected by CVE-2018-12237

Symantec » Reporter » Version: 10.1

cpe:2.3:a:symantec:reporter:10.1
Symantec » Reporter » Version: 10.1.5

cpe:2.3:a:symantec:reporter:10.1.5
Symantec » Reporter » Version: 10.1.5.5

cpe:2.3:a:symantec:reporter:10.1.5.5
Symantec » Reporter » Version: 10.2

cpe:2.3:a:symantec:reporter:10.2
Symantec » Reporter » Version: 10.2.1.1

cpe:2.3:a:symantec:reporter:10.2.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12237

Products

Pricing

Contact Us