CVE-2018-12244

Description

SEP (Mac client) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a CSV/DDE injection (also known as formula injection) vulnerability, which is a type of issue whereby an application or website allows untrusted input into CSV files.

Risk Information

Base Score

6.3

MODERATE

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

EPSS Score

Exploitation Probability

0.377

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in Symantec Endpoint Protection (x64) 14.2	Windows
Multiple Vulnerabilities are affected in Symantec Endpoint Protection 14.2	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234