Vulnerability Description
A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions.
CVSS Score
7.1
HIGH
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | Norton App Lock | <= 1.0.3.186 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/94343Third Party AdvisoryVDB Entry
- https://support.symantec.com/us/en/article.symsa1386.htmlVendor Advisory
- http://www.securityfocus.com/bid/94343Third Party AdvisoryVDB Entry
- https://support.symantec.com/us/en/article.symsa1386.htmlVendor Advisory
FAQ
What is CVE-2016-6591?
CVE-2016-6591 is a vulnerability with a CVSS score of 7.1 (HIGH). A security bypass vulnerability exists in Symantec Norton App Lock 1.0.3.186 and earlier if application pinning is enabled, which could let a local malicious user bypass security restrictions.
How severe is CVE-2016-6591?
CVE-2016-6591 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-6591?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec Norton App Lock.