CVE-2017-15525
low-risk
Published 2017-11-13
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the perpetrator attempts to make a particular machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a specific host within a network.
Do I need to act?
-
0.17% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
4
CVSS 4.5/10
Medium
ADJACENT_NETWORK
/ LOW complexity
Affected Products (1)
Endpoint Encryption
Affected Vendors
References (4)
Third Party Advisory
http://www.securityfocus.com/bid/101697
Third Party Advisory
http://www.securityfocus.com/bid/101697
22
/ 100
low-risk
Severity
16/34 · Moderate
Exploitability
1/34 · Minimal
Exposure
5/34 · Minimal