Lucene search
K

163 matches found

Exploit DB
Exploit DB
added 2016/06/29 12:0 a.m.55 views

Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities

Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-SEPM-MULTIPLE-VULNS.txt + ISR: ApparitionSec Vendor: ================ www.symantec.com Product: =========== SEPM Symantec Endpoint Protection Manager and client v12.1...

8CVSS6.3AI score0.04122EPSS
Exploits4
NVD
NVD
added 2016/03/18 2:59 p.m.18 views

CVE-2015-8152

Cross-site request forgery CSRF vulnerability in Symantec Endpoint Protection Manager SEPM 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script...

8.5CVSS8.3AI score0.01719EPSS
Exploits0References3
Prion
Prion
added 2016/03/18 2:59 p.m.17 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Symantec Endpoint Protection Manager SEPM 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script...

8.5CVSS8AI score0.01719EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/03/18 2:0 p.m.58 views

CVE-2015-8153

Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU6-MP4 is affected by CVE-2015-8153 (SQL injection). Interfaces with the SEPM backend allow a remote authenticated attacker to execute arbitrary SQL via unspecified vectors, potentially impacting data confidentiality, integrity, and avail...

8.8CVSS8.6AI score0.03077EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/03/18 2:0 p.m.52 views

CVE-2015-8152

CVE-2015-8152 affects Symantec Endpoint Protection Manager (SEPM) 12.1 up to RU6-MP4. The issue is a cross-site request forgery (CSRF) vulnerability in logging scripts that enables a remote authenticated attacker to hijack administrator authentication and execute arbitrary code through crafted lo...

8.5CVSS8.5AI score0.01719EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2016/03/18 2:0 p.m.25 views

CVE-2015-8153

SQL injection vulnerability in Symantec Endpoint Protection Manager SEPM 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

8.7AI score0.03077EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/12/18 12:0 a.m.98 views

Symantec Endpoint Protection Manager Java Object Deserialization RCE (SYM15-011)

The remote Symantec Endpoint Protection Manager server is affected by a remote command execution vulnerability due to unsafe deserialize calls of unauthenticated Java objects to the Apache Commons Collections ACC library. An unauthenticated, remote attacker can exploit this, by sending a crafted...

7.5CVSS6.1AI score0.02703EPSS
Exploits0References3
CNVD
CNVD
added 2015/11/13 12:0 a.m.21 views

Symantec Endpoint Protection Manager-RU6-MP3 Arbitrary OS Command Execution Vulnerability

Symantec Endpoint Protection Manager is a centralized manager for Symantec's enterprise-class antivirus software. An arbitrary operating system command execution vulnerability exists in version 12.1 of Symantec Endpoint Protection Manager prior to 12.1-RU6-MP3. This allows remote attackers to...

7.5CVSS7.9AI score0.02703EPSS
Exploits0References1
NVD
NVD
added 2015/11/12 3:59 a.m.24 views

CVE-2015-6554

Symantec Endpoint Protection Manager SEPM 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data...

7.5CVSS7.5AI score0.02703EPSS
Exploits0References3
Prion
Prion
added 2015/11/12 3:59 a.m.19 views

Design/Logic Flaw

Symantec Endpoint Protection Manager SEPM 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data...

7.5CVSS8.1AI score0.02703EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2015/11/12 2:0 a.m.34 views

CVE-2015-6554

Symantec Endpoint Protection Manager SEPM 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data...

7.5AI score0.02703EPSS
Exploits0References3
CVE
CVE
added 2015/11/12 2:0 a.m.69 views

CVE-2015-6554

The CVE-2015-6554 issue affects Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3, allowing remote execution of arbitrary OS commands via crafted data sent to SEPM. Affected vector is remote, with evidence across multiple sources describing an RCE through untrusted data handl...

7.5CVSS7.7AI score0.02703EPSS
Exploits0References3Affected Software1
Saint
Saint
added 2015/08/26 12:0 a.m.87 views

Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...

7.5CVSS7.1AI score0.64487EPSS
Exploits9
Saint
Saint
added 2015/08/26 12:0 a.m.203 views

Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...

7.5CVSS7.1AI score0.64487EPSS
Exploits9
Packet Storm
Packet Storm
added 2015/08/17 12:0 a.m.43 views

Symantec Endpoint Protection Manager Authentication Bypass / Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'Symantec Endpoint Protection Manager Authentication Bypass and Code Execution', 'Description' = %q This module exploits three separa...

8.5CVSS0.6AI score0.64487EPSS
Exploits9
Tenable Nessus
Tenable Nessus
added 2015/08/13 12:0 a.m.131 views

Symantec Endpoint Protection Manager < 12.1 RU6 MP1 Multiple Vulnerabilities (SYM15-007)

The version of Symantec Endpoint Protection Manager SEPM running on the remote host is prior to 12.1 RU6 MP1. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the password reset functionality that allows a remote attacker, using a crafted password reset action, to...

8.5CVSS6.1AI score0.64487EPSS
Exploits9References5
CNVD
CNVD
added 2015/08/04 12:0 a.m.6 views

Symantec Endpoint Protection Manager Privilege Gain Vulnerability

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. SEPM 12.1-RU6-MP1 A security vulnerability exists in the management console of previous...

8.5CVSS7.2AI score0.24638EPSS
Exploits4References1
CNVD
CNVD
added 2015/08/04 12:0 a.m.6 views

Symantec Endpoint Protection Manager SQL Injection Vulnerability

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. SEPM 12.1-RU6-MP1 A SQL injection vulnerability exists in the management console of...

6CVSS8.4AI score0.0162EPSS
Exploits1References1
CNVD
CNVD
added 2015/08/04 12:0 a.m.12 views

Symantec Endpoint Protection Manager Untrusted Search Path Vulnerability

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. SEPM 12.1-RU6-MP1 An untrustworthy search path vulnerability exists in the client prior ...

8.5CVSS6.9AI score0.01738EPSS
Exploits1References1
CNVD
CNVD
added 2015/08/04 12:0 a.m.28 views

Symantec Endpoint Protection Manager Authentication Bypass Vulnerability

Symantec Endpoint Protection Manager SEPM is a suite of enterprise-grade virus protection software from Symantec USA. The software protects against malicious attacks such as viruses, worms, and Trojan horses. SEPM 12.1-RU6-MP1 A security vulnerability exists in the management console of previous...

7.5CVSS7.2AI score0.64487EPSS
Exploits9References1
Rows per page
Query Builder