Vulnerability Details : CVE-2012-4349
Unquoted Windows search path vulnerability in Symantec Network Access Control (SNAC) 12.1 before RU2 allows local users to gain privileges via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2012-4349
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 24 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2012-4349
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST |
References for CVE-2012-4349
-
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121210_00
Symantec Endpoint Protection Management Consoles Multiple Issues
-
http://www.securitytracker.com/id?1027864
Symantec Network Access Control Unquoted Search Path Lets Local Users Gain Elevated Privileges - SecurityTracker
-
http://www.securityfocus.com/bid/56847
Symantec Network Access Control CVE-2012-4349 Local Privilege Escalation Vulnerability
Products affected by CVE-2012-4349
- cpe:2.3:a:symantec:network_access_control:12.1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:network_access_control:12.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:network_access_control:12.1:*:*:*:*:*:*:*