First published: Mon Aug 20 2018(Updated: )
The Symantec Encryption Management Server (SEMS) product, prior to version 3.4.2 MP1, may be susceptible to a denial of service (DoS) exploit. A DoS attack is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
Credit: secure@symantec.com
Affected Software | Affected Version | How to fix |
---|---|---|
Symantec Encryption Management Server | <=3.4.2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2018-5243 has a medium severity rating due to its potential to cause denial of service.
To mitigate CVE-2018-5243, upgrade to Symantec Encryption Management Server version 3.4.2 MP1 or later.
CVE-2018-5243 affects all versions of Symantec Encryption Management Server prior to 3.4.2 MP1.
CVE-2018-5243 describes a denial of service (DoS) attack that can render the server unavailable to users.
Yes, CVE-2018-5243 can be exploited remotely, allowing attackers to disrupt service without physical access.