Vulnerability Name:

CVE-2012-1821 (CCN-75805)

Assigned:2012-05-22
Published:2012-05-22
Updated:2018-01-05
Summary:The Network Threat Protection module in the Manager component in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.700x on Windows Server 2003 allows remote attackers to cause a denial of service (web-server outage, or daemon crash or hang) via a flood of packets that triggers automated blocking of network traffic.
CVSS v3 Severity:3.5 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)
3.0 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2012-1821

Source: OSVDB
Type: UNKNOWN
82147

Source: CCN
Type: SA49221
Symantec Endpoint Protection Denial of Service Vulnerability

Source: SECUNIA
Type: UNKNOWN
49221

Source: CERT-VN
Type: UNKNOWN
VU#149070

Source: CCN
Type: OSVDB ID: 82147
Symantec Endpoint Protection Network Threat Protection Module Traffic Blocking Packet Saturation Remote DoS

Source: BID
Type: UNKNOWN
50358

Source: CCN
Type: BID-50358
Symantec Endpoint Protection Manager Remote Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1027092

Source: CCN
Type: SYM12-007
Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Manager 11.x Denial of Service

Source: CONFIRM
Type: Vendor Advisory
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2012&suid=20120522_00

Source: XF
Type: UNKNOWN
symantec-endpoint-protection-scans-dos(75805)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:symantec:endpoint_protection:11.0.6000:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0.6100:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0.6200:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0.6200.754:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0.6300:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0.7000:*:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0.7100:*:*:*:*:*:*:*
  • AND
  • cpe:/o:microsoft:windows_2003_server:*:*:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*
  • OR cpe:/o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:symantec:endpoint_protection:11.0:ru6:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0:ru6mp1:*:*:*:*:*:*
  • OR cpe:/a:symantec:endpoint_protection:11.0:ru6mp2:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    symantec endpoint protection 11.0.6000
    symantec endpoint protection 11.0.6100
    symantec endpoint protection 11.0.6200
    symantec endpoint protection 11.0.6200.754
    symantec endpoint protection 11.0.6300
    symantec endpoint protection 11.0.7000
    symantec endpoint protection 11.0.7100
    microsoft windows 2003 server *
    microsoft windows 2003 server * sp1
    microsoft windows 2003 server * sp2
    symantec endpoint protection 11.0 ru6
    symantec endpoint protection 11.0 ru6mp1
    symantec endpoint protection 11.0 ru6mp2