Vulnerability Details CVE-2018-12240
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 53.4%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
Products affected by CVE-2018-12240
-
cpe:2.3:a:symantec:norton_password_manager:-
-
cpe:2.3:a:symantec:norton_password_manager:3.4.0
-
cpe:2.3:a:symantec:norton_password_manager:3.5.0
-
cpe:2.3:a:symantec:norton_password_manager:3.5.1
-
cpe:2.3:a:symantec:norton_password_manager:3.6.0
-
cpe:2.3:a:symantec:norton_password_manager:3.6.1
-
cpe:2.3:a:symantec:norton_password_manager:3.6.2
-
cpe:2.3:a:symantec:norton_password_manager:3.7.0
-
cpe:2.3:a:symantec:norton_password_manager:3.7.1
-
cpe:2.3:a:symantec:norton_password_manager:3.7.2
-
cpe:2.3:a:symantec:norton_password_manager:3.7.3
-
cpe:2.3:a:symantec:norton_password_manager:3.8.0
-
cpe:2.3:a:symantec:norton_password_manager:5.0.0
-
cpe:2.3:a:symantec:norton_password_manager:5.1.0
-
cpe:2.3:a:symantec:norton_password_manager:5.1.1
-
cpe:2.3:a:symantec:norton_password_manager:5.2.0
-
cpe:2.3:a:symantec:norton_password_manager:5.2.1
-
cpe:2.3:a:symantec:norton_password_manager:5.2.2
-
cpe:2.3:a:symantec:norton_password_manager:5.2.3
-
cpe:2.3:a:symantec:norton_password_manager:5.3.0