Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2018-18365

Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic.

Published

2019-04-09T20:29:00.537

Last Modified

2024-11-21T03:55:47.973

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 7.5 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

10.0

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	symantec	norton_password_manager	< 6.2.0.1078	Yes
Application	symantec	norton_password_manager	< 6.2.309	Yes

References

https://support.symantec.com/en_US/article.SYMSA1475.html Vendor Advisory ([email protected])
https://support.symantec.com/en_US/article.SYMSA1475.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)