CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12244

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.5%

CVSS Severity

CVSS v3 Score 6.3

CVSS v2 Score 6.8

References

Products affected by CVE-2018-12244

Symantec » Endpoint Protection » Version: 11.0

cpe:2.3:a:symantec:endpoint_protection:11.0
Symantec » Endpoint Protection » Version: 12.1

cpe:2.3:a:symantec:endpoint_protection:12.1
Symantec » Endpoint Protection » Version: 14

cpe:2.3:a:symantec:endpoint_protection:14
Symantec » Endpoint Protection » Version: 14.0.0

cpe:2.3:a:symantec:endpoint_protection:14.0.0
Symantec » Endpoint Protection » Version: 14.0.1

cpe:2.3:a:symantec:endpoint_protection:14.0.1
Symantec » Endpoint Protection » Version: 14.2

cpe:2.3:a:symantec:endpoint_protection:14.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-12244

Products

Pricing

Contact Us