CVE-2019-18380
First published: Mon Dec 09 2019(Updated: )
Symantec Industrial Control System Protection (ICSP), versions 6.x.x, may be susceptible to an unauthorized access issue that could potentially allow a threat actor to create or modify application user accounts without proper authentication.
Credit: secure@symantec.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Symantec Industrial Control System Protection | >=6.0.0<6.1.1.123 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of Symantec Industrial Control System Protection (ICSP) vulnerability?
The vulnerability ID of Symantec Industrial Control System Protection (ICSP) vulnerability is CVE-2019-18380.
What is the severity of CVE-2019-18380?
The severity of CVE-2019-18380 is medium with a severity value of 6.5.
Which versions of Symantec Industrial Control System Protection (ICSP) are affected by CVE-2019-18380?
Symantec Industrial Control System Protection (ICSP) versions 6.x.x are affected by CVE-2019-18380.
What is the impact of CVE-2019-18380?
CVE-2019-18380 allows a threat actor to create or modify application user accounts without proper authentication.
Is there a fix available for CVE-2019-18380?
Please refer to the official Symantec support article (link provided in the references) for information on available fixes for CVE-2019-18380.
- collector/nvd-index
- agent/author
- agent/references
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/severity
- agent/weakness
- agent/type
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/symantec
- canonical/symantec industrial control system protection
- version/symantec industrial control system protection/6.0.0