CVE-2012-4348

{"id": "CVE-2012-4348", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:M/C:C/I:C/A:C", "authentication": "MULTIPLE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 4.1, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2012-12-18T20:55:01.227", "references": [{"url": "http://www.securityfocus.com/bid/56846", "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id?1027863", "source": "cve@mitre.org"}, {"url": "http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20121210_00", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors."}, {"lang": "es", "value": "La consola de administraci\u00f3n de Symantec Endpoint Protection (SEP) v11.0 antes de RU7-MP3 y v12.1 antes de RU2 y Symantec Endpoint Protection Small Business Edition v12.x antes de v12.1 RU2, no valida correctamente la entrada para secuencias de comandos PHP, lo que permite a usuarios remotos autenticados ejecutar c\u00f3digo arbitrario a trav\u00e9s de vectores no especificados."}], "lastModified": "2013-03-14T03:10:09.620", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E269D396-3A70-4C4B-9D79-CBBA75C280D8"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F9E055CC-55A9-4F52-BBC5-53126A581D76"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1DD0DB8-3108-4A6C-83D4-D1DA9CB1B51F"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6a:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "435109B2-F971-4059-8E5C-76C53A161836"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "95779ECB-89B4-420B-8149-F8B07F4067BD"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1580B17-6873-40AD-B092-EB768E656C5E"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "180A2514-AA60-486D-B807-8A4A289E3566"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFC9D744-C3B5-4F7B-B23F-14598BDE2DD0"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.1:mp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6C2C5BA5-2A3D-4D67-AA8F-0A454E69BE2D"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "238E223B-44F4-4907-B524-A18614E6681B"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BA57776C-4B87-4FC3-9678-CEBA60CB4D90"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.2:mp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "43442575-6140-4D40-A5B9-C6E206274229"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A7C80B41-521D-4ACC-BE57-E775B09F0E3B"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp1a:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5253BED8-BF83-4F61-9320-14B0495AFD90"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.4:mp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8808B05E-C739-4252-8014-BA3558E95802"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.3001:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6DDB8443-6567-4033-8D30-B35DACC0EE9A"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "74A97619-5D8B-4634-BFA6-F73285865823"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1CF5F84C-91C1-4395-B988-9F9E4F87D8B9"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A0C0EFA7-71FE-48C9-97D3-F414F49DB495"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "142BCA40-386C-4498-BECB-22BC07B240DD"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD725528-A19A-465E-B427-EF426104B7AF"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BFD42022-0168-4C9D-8EED-0E16322E8796"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FE29507-7B24-44AD-8C15-C1063E34D7D9"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A8C3211-6088-49D6-8228-C4E9B5DF1631"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.671:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E0A9C72-FD2F-40F3-A094-58FC34F0857A"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1.1000:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D997D8A-C093-4250-9481-3ED28E541B4B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.0:-:small_business:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7D7E851B-1A0A-4077-9FCF-754D4FF798FF"}, {"criteria": "cpe:2.3:a:symantec:endpoint_protection:12.1:-:small_business:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A89EF949-E330-4E70-BB93-AFE5E6F75120"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}