#VU23438 Overly permissive cross-domain whitelist in Norton Password Manager - CVE-2019-18381

Cybersecurity Help s.r.o.

Published: 2019-12-06

Vulnerability identifier: #VU23438

Vulnerability risk: Low

CVSSv4.0: 0.4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-18381

CWE-ID: CWE-942

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Norton Password Manager
Client/Desktop applications / Other client software

Vendor: Broadcom

Description

The vulnerability allows a local attacker to bypass the CORS protection mechanism.

The vulnerability exists due to incorrect processing of the "Origin" HTTP header that is supplied within HTTP request. A remote authenticated attacker on local network can supply arbitrary value via the "Origin" HTTP header, bypass implemented CORS protection mechanism and perform cross-site scripting attacks against the vulnerable application.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Norton Password Manager: before 6.6.2.5

External links
https://support.symantec.com/us/en/article.SYMSA1499.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Symantec Norton Password Manager