CVE-2018-18366

Published: Apr 25, 2019Modified: Nov 21, 2024

6.5

Vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Exploitability: 2.0 / Impact: 4.0

Source: NVD

Description

Symantec Norton Security prior to 22.16.3, SEP (Windows client) prior to and including 12.1 RU6 MP9, and prior to 14.2 RU1, SEP SBE prior to Cloud Agent 3.00.31.2817, NIS-22.15.2.22, SEP-12.1.7484.7002 and SEP Cloud prior to 22.16.3 may be susceptible to a kernel memory disclosure, which is a type of issue where a specially crafted IRP request can cause the driver to return uninitialized memory.

Affected (53)

Products: Symantec: Endpoint Protection, Endpoint Protection Cloud, Endpoint Protection Cloud Agent, Norton Security

Symantec

4 products

Endpoint Protection

Endpoint Protection Cloud

Endpoint Protection Cloud Agent

Norton Security

Configuration A

53 vulnerable

Vulnerable Software	Affected Versions
Symantec Endpoint Protection	Version 11.0
Symantec Endpoint Protection	Version 11.0 mr1
Symantec Endpoint Protection	Version 11.0 mr2
Symantec Endpoint Protection	Version 11.0 mr3
Symantec Endpoint Protection	Version 11.0 mr4-mp2
Symantec Endpoint Protection	Version 11.0 mr4
Symantec Endpoint Protection	Version 11.0 ru5
Symantec Endpoint Protection	Version 11.0 ru6-mp1
Symantec Endpoint Protection	Version 11.0 ru6-mp2
Symantec Endpoint Protection	Version 11.0 ru6-mp3
Symantec Endpoint Protection	Version 11.0 ru6
Symantec Endpoint Protection	Version 11.0 ru6a
Symantec Endpoint Protection	Version 11.0 ru7-mp1
Symantec Endpoint Protection	Version 11.0 ru7-mp2
Symantec Endpoint Protection	Version 11.0 ru7-mp4
Symantec Endpoint Protection	Version 11.0 ru7-mp4a
Symantec Endpoint Protection	Version 11.0 ru7
Symantec Endpoint Protection	Version 11.0 ry7-mp3
Symantec Endpoint Protection	Version 12.1
Symantec Endpoint Protection	Version 12.1 ru1-mp1
Symantec Endpoint Protection	Version 12.1 ru1
Symantec Endpoint Protection	Version 12.1 ru2-mp1
Symantec Endpoint Protection	Version 12.1 ru2
Symantec Endpoint Protection	Version 12.1 ru3
Symantec Endpoint Protection	Version 12.1 ru4-mp1
Symantec Endpoint Protection	Version 12.1 ru4-mp1a
Symantec Endpoint Protection	Version 12.1 ru4-mp1b
Symantec Endpoint Protection	Version 12.1 ru4
Symantec Endpoint Protection	Version 12.1 ru4a
Symantec Endpoint Protection	Version 12.1 ru5
Symantec Endpoint Protection	Version 12.1 ru6-mp10
Symantec Endpoint Protection	Version 12.1 ru6-mp1
Symantec Endpoint Protection	Version 12.1 ru6-mp2
Symantec Endpoint Protection	Version 12.1 ru6-mp3
Symantec Endpoint Protection	Version 12.1 ru6-mp4
Symantec Endpoint Protection	Version 12.1 ru6-mp5
Symantec Endpoint Protection	Version 12.1 ru6-mp6
Symantec Endpoint Protection	Version 12.1 ru6-mp7
Symantec Endpoint Protection	Version 12.1 ru6-mp8
Symantec Endpoint Protection	Version 12.1 ru6
Symantec Endpoint Protection	Version 14.0.0 mp2
Symantec Endpoint Protection	Version 14.0.1
Symantec Endpoint Protection	Version 14.0.1 mp1
Symantec Endpoint Protection	Version 14.0.1 mp2
Symantec Endpoint Protection	Version 14.2
Symantec Endpoint Protection	Version 14.2 mp1
Symantec Endpoint Protection	Version 14
Symantec Endpoint Protection	Version 14 mp1
Symantec Endpoint Protection	Version nis-22.15.2.22
Symantec Endpoint Protection	Version sep-12.1.7484.7002
Symantec Endpoint Protection Cloud	Before 22.16.3
Symantec Endpoint Protection Cloud Agent	Before 3.00.31.2817
Symantec Norton Security	Before 22.16.3