CVE-2019-18380

Severity CVSS v4.0:
Pending analysis
Type:
CWE-287 Authentication Issues
Publication date:
09/12/2019
Last modified:
17/12/2019

Description

Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:symantec:industrial_control_system_protection:*:*:*:*:*:*:*:* 6.0.0 (including) 6.1.1.123 (excluding)


References to Advisories, Solutions, and Tools