3 matches found
CVE-2016-3647
CVE-2016-3647 is a vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1.x before RU6 MP5 where an authenticated remote user can trigger a server-side request forgery (SSRF) via a crafted request to the management console’s authentication interface, potentially enabling access to inte...
CVE-2016-3647
Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery SSRF attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request...
Symantec Endpoint Protection Multiple Security Issues
SUMMARY Symantec Endpoint Protection SEP was susceptible to a number of security vulnerabilities potentially resulting in a user being able to leverage elevated privilege or access to unauthorized files on the management console. Additionally, a race condition in the device control of a SEP clien...