7 matches found
Symantec Endpoint Protection Manager Cross Site Request Forgery (CVE-2016-3653)
A Cross Site Request Forgery vulnerability has been reported in the Symantec Endpoint Protection Manager. The vulnerability is due to insufficient CSRF protections. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to visit a page. Successful exploitation could...
CVE-2016-3653
Multiple cross-site request forgery CSRF vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users...
CVE-2016-3653
CVE-2016-3653 is a CSRF vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU6 MP5. A remote, authenticated attacker can exploit weaknesses in management scripts to hijack the authentication of arbitrary users. The issue is documented across multiple sources (NVD entry and...
CVE-2016-3653
Multiple cross-site request forgery CSRF vulnerabilities in management scripts in Symantec Endpoint Protection Manager SEPM 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users...
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities
Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities + Credits: John Page aka HYP3RLINX + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SYMANTEC-SEPM-MULTIPLE-VULNS.txt + ISR: ApparitionSec Vendor: ================ www.symantec.com Product:...
CVE-2016-3653
creationtimestamp| type| source ---|---|--- 2016-06-29 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/40041...
Symantec Endpoint Protection Multiple Security Issues
SUMMARY Symantec Endpoint Protection SEP was susceptible to a number of security vulnerabilities potentially resulting in a user being able to leverage elevated privilege or access to unauthorized files on the management console. Additionally, a race condition in the device control of a SEP clien...