CVE-2019-12753
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An information disclosure vulnerability in Symantec Reporter web UI 10.3 prior to 10.3.2.5 allows a malicious authenticated administrator user to obtain passwords for external SMTP, FTP, FTPS, LDAP, and Cloud Log Download servers that they might not otherwise be authorized to access. The malicious administrator user can also obtain the passwords of other Reporter web UI users.
Una vulnerabilidad de divulgación de información en Symantec Reporter web UI versiones 10.3 anteriores a 10.3.2.5, permite a un usuario administrador autenticado malicioso obtener contraseñas por servidores externos SMTP, FTP, FTPS, LDAP y Cloud Log Download a los que no estarían autorizados para acceder de otro modo. El usuario administrador malicioso también puede obtener las contraseñas de otros usuarios de Reporter web UI.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-06-06 CVE Reserved
- 2019-08-29 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://support.symantec.com/us/en/article.SYMSA1489.html | 2021-07-21 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Symantec Search vendor "Symantec" | Reporter Search vendor "Symantec" for product "Reporter" | >= 10.3 < 10.3.2.5 Search vendor "Symantec" for product "Reporter" and version " >= 10.3 < 10.3.2.5" | - |
Affected
| ||||||