CVE-2013-5016 — HIGH (7.6) — White Hats Nepal

Q: What is CVE-2013-5016?

CVE-2013-5016 is a vulnerability with a CVSS score of 7.6 (HIGH). Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors.

Q: How severe is CVE-2013-5016?

CVE-2013-5016 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2013-5016?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Symantec Critical System Protection, Microsoft Windows 2003 Server.

Vulnerability Description

Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors.

CVSS Score

7.6

HIGH

AV:N/AC:H/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Broadcom	Symantec Critical System Protection	<= 5.2.8
Microsoft	Windows 2003 Server	All versions

Related Weaknesses (CWE)

CWE-264

References

FAQ

What is CVE-2013-5016?

CVE-2013-5016 is a vulnerability with a CVSS score of 7.6 (HIGH). Symantec Critical System Protection (SCSP) before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors.

How severe is CVE-2013-5016?

CVE-2013-5016 has been rated HIGH with a CVSS base score of 7.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2013-5016?

Check the references section above for vendor advisories and patch information. Affected products include: Broadcom Symantec Critical System Protection, Microsoft Windows 2003 Server.