CVE-2018-12237

Summary

The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges.

Affected Software

VendorProductVersion RangeStatus
Symantec CorporationSymantec Reporter10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8affected

Weaknesses

  • OS command injection

ADP Enrichment

CVE Program Container

Additional References

References