CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-23617

A buffer overflow vulnerability exists in Symantec Data Loss Prevention version 14.0.2 and before. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a crafted document to achieve code execution.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.024

EPSS Ranking 84.3%

CVSS Severity

CVSS v3 Score 9.6

CVSS v2 Score 9.3

References

https://blog.exodusintel.com/2024/01/25/symantec-data-loss-prevention-wp6sr-dll-stack-buffer-overflow-remote-code-execution/
https://blog.exodusintel.com/2024/01/25/symantec-data-loss-prevention-wp6sr-dll-stack-buffer-overflow-remote-code-execution/

Products affected by CVE-2024-23617

Broadcom » Symantec Data Center Security Server » Version: N/A

cpe:2.3:a:broadcom:symantec_data_center_security_server:-
Broadcom » Symantec Data Center Security Server » Version: 14.0.2

cpe:2.3:a:broadcom:symantec_data_center_security_server:14.0.2
Broadcom » Symantec Data Center Security Server » Version: 6.5.0

cpe:2.3:a:broadcom:symantec_data_center_security_server:6.5.0
Broadcom » Symantec Data Center Security Server » Version: 6.6.0

cpe:2.3:a:broadcom:symantec_data_center_security_server:6.6.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-23617

Products

Pricing

Contact Us