{"api_version":"1","generated_at":"2026-05-06T05:34:48+00:00","cve":"CVE-2018-5239","urls":{"html":"https://cve.report/CVE-2018-5239","api":"https://cve.report/api/cve/CVE-2018-5239.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-5239","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-5239"},"summary":{"title":"CVE-2018-5239","description":"Norton App Lock prior to v1.3.0.332 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.","state":"PUBLIC","assigner":"secure@symantec.com","published_at":"2018-07-16 17:29:00","updated_at":"2019-10-03 00:03:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://support.symantec.com/en_US/article.SYMSA1455.html","name":"https://support.symantec.com/en_US/article.SYMSA1455.html","refsource":"CONFIRM","tags":["Mitigation","Vendor Advisory"],"title":"Norton App Lock Bypass","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/104693","name":"104693","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Symantec Norton App Lock CVE-2018-5239 Local Security Bypass Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-5239","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-5239","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"5239","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_app_lock","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"5239","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"symantec","cpe5":"norton_app_lock","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"secure@symantec.com","DATE_PUBLIC":"2018-07-16T00:00:00","ID":"CVE-2018-5239","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Norton App Lock","version":{"version_data":[{"version_value":"Prior to v1.3.0.332"}]}}]},"vendor_name":"Symantec Corporation"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Norton App Lock prior to v1.3.0.332 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"App Lock Bypass"}]}]},"references":{"reference_data":[{"name":"104693","refsource":"BID","url":"http://www.securityfocus.com/bid/104693"},{"name":"https://support.symantec.com/en_US/article.SYMSA1455.html","refsource":"CONFIRM","url":"https://support.symantec.com/en_US/article.SYMSA1455.html"}]}},"nvd":{"publishedDate":"2018-07-16 17:29:00","lastModifiedDate":"2019-10-03 00:03:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":6.2,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.3,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:symantec:norton_app_lock:*:*:*:*:*:*:*:*","versionEndExcluding":"1.3.0.332","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"5239","Ordinal":"121196","Title":"CVE-2018-5239","CVE":"CVE-2018-5239","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"5239","Ordinal":"1","NoteData":"Norton App Lock prior to v1.3.0.332 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"5239","Ordinal":"2","NoteData":"2018-07-16","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"5239","Ordinal":"3","NoteData":"2018-07-17","Type":"Other","Title":"Modified"}]}}}