CVE-2017-6330

medium

Published 2017-09-13 · Modified 2026-05-13

CVSS v3

6.5

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVSS v2

4.0

VIR risk

6.5

Description

Symantec Encryption Desktop before SED 10.4.1MP2 can allow remote attackers to cause a denial of service (resource consumption) via crafted web requests."

Predictions

Exploit likelihood

75%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: secure@symantec.com — https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170907_00

Application impact

Vendor	Product	Versions	Fixed
symantec	encryption_desktop	`{"endIncluding":"10.4.1"}`

References

http://www.securityfocus.com/bid/100552
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170907_00
http://www.securityfocus.com/bid/100552
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170907_00

Verify integrity in audit chain (admin only). AS-IS.