{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-16T12:17:29.408","vulnerabilities":[{"cve":{"id":"CVE-2022-37017","sourceIdentifier":"secure@symantec.com","published":"2022-12-01T14:15:11.973","lastModified":"2025-04-24T21:15:18.830","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Symantec Endpoint Protection (Windows) agent, prior to 14.3 RU6/14.3 RU5 Patch 1, may be susceptible to a Security Control Bypass vulnerability, which is a type of issue that can potentially allow a threat actor to circumvent existing security controls. This CVE applies narrowly to the Client User Interface Password protection and Policy Import/Export Password protection, if it has been enabled."},{"lang":"es","value":"El agente de Symantec Endpoint Protection (Windows), anterior a 14.3 RU6/14.3 RU5 parche 1, puede ser susceptible a una vulnerabilidad de omisión de control de seguridad, que es un tipo de problema que potencialmente puede permitir que un actor de amenazas eluda los controles de seguridad existentes. Este CVE se aplica estrictamente a la protección con contraseña de la interfaz de usuario del cliente y a la protección con contraseña de importación/exportación de políticas, si se ha habilitado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:broadcom:symantec_endpoint_protection:*:*:*:*:*:windows:*:*","versionEndExcluding":"14.3.5.1","matchCriteriaId":"ECF4A54B-680E-44CE-9A48-988A360EC67F"}]}]}],"references":[{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21014","source":"secure@symantec.com","tags":["Permissions Required","Vendor Advisory"]},{"url":"https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/21014","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required","Vendor Advisory"]}]}}]}