41 matches found
CVE-2019-12759
CVE-2019-12759 affects Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security for Exchange (SMSMSE) prior to SEPM 14.2 RU2 and SMSMSE 7.5.x, introducing a privilege-escalation flaw. Technical details point to the LuComServer stDisScriptEngine class as the root cause, enabling loca...
CVE-2013-1612
CVE-2013-1612 affects Symantec Endpoint Protection Manager (SEPM) 12.1.x (prior to 12.1.3) and SPC Small Business Edition 12.0.x . The underlying issue is a buffer overflow in the secars.dll component of the SEPM management console, caused by insufficient boundary checks when processing external ...
CVE-2020-5834
Summary: CVE-2020-5834 affects Symantec Endpoint Protection Manager (SEPM) prior to v14.3. A directory traversal vulnerability could allow a remote attacker to determine the size of files in a directory. Root cause / affected components: Directory traversal flaw in SEPM before 14.3 (as per multip...
CVE-2013-5014
CVE-2013-5014 is an XXE vulnerability in the Symantec Endpoint Protection Manager (SEPM) management console. The flaw lets remote attackers read arbitrary files by sending XML data containing an external entity declaration. Affected are SEPM versions: 11.0 before 11.0.7405.1424 and 12.1 before 12...
CVE-2018-18368
Symantec Endpoint Protection Manager (SEPM) is affected by a local privilege escalation vulnerability (CVE-2018-18368) that exists in SEPM prior to 14.2 RU1. An attacker with local access could gain elevated privileges. Remediation is to upgrade to SEPM/SEP 14.2 RU1 (or RU2 where applicable) and ...
CVE-2013-5015
CVE-2013-5015 affects Symantec Endpoint Protection Manager (SEPM) and related components. The vulnerability is a SQL injection in the management console that, when exploited by remote authenticated users, can cause arbitrary SQL commands to be executed. Affected versions in the initial data inclu...
CVE-2014-3437
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU5 is affected by multiple vulnerabilities (CVE-2014-3437 XXE, CVE-2014-3438 XSS, CVE-2014-3439 arbitrary file write). The XXE flaw allows reading files or sending requests to intranet servers via crafted XML; XSS can exfiltrate sessions;...
CVE-2015-1489
CVE-2015-1489 affects Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1. The SEPM management console vulnerability allows remote authenticated users to gain privileges via unspecified vectors. Related connected sources document an authentication bypass and privilege escalatio...
CVE-2015-1492
Symantec Endpoint Protection Manager (SEPM) is affected by CVE-2015-1492: an untrusted search path/Trojan horse DLL vulnerability in the SEP client install package allows local privilege escalation when SEPM is version before 12.1 RU6 MP3. The issue is discussed in multiple sources (e.g., SYM15-0...
CVE-2020-5833
CVE-2020-5833 affects Symantec Endpoint Protection Manager (SEPM) prior to version 14.3. The issue is described as an out-of-bounds read vulnerability in SEPM that could disclose memory contents. The connected sources (NVD entry, Red Hat advisory, Nessus plugin SYMSA1762 summary) consistently ref...
CVE-2020-5835
Symantec Endpoint Protection Manager (SEPM), prior to version 14.3, contains a race condition in client remote deployment that may allow an authenticated, local attacker to elevate privileges on the remote machine. The issue is documented as CVE-2020-5835. Public advisories and third-party report...
CVE-2015-1486
CVE-2015-1486 affects Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1, enabling remote authentication bypass via a crafted password-reset action that creates a new admin session. Related materials show exploit paths (e.g., Metasploit module, exploit-db entry) indicating pra...
CVE-2015-1488
CVE-2015-1488 affects Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1, via an unspecified action handler in the management console that allows remote authenticated users to read arbitrary files. The issue is addressed by upgrading SEPM to version 12.1-RU6-MP1 (per Symantec SY...
CVE-2015-6554
The CVE-2015-6554 issue affects Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3, allowing remote execution of arbitrary OS commands via crafted data sent to SEPM. Affected vector is remote, with evidence across multiple sources describing an RCE through untrusted data handl...
CVE-2015-6555
Affected software: Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3. Vulnerability: remote attackers can execute arbitrary Java code by connecting to the SEPM console Java port (CVE-2015-6555). Root cause / impact: improper handling of external data on the management console...
CVE-2020-5831
Symantec Endpoint Protection Manager (SEPM) is affected by CVE-2020-5831, a local, out-of-bounds read vulnerability present in SEPM prior to 14.2 RU2 MP1 (and pre-14.2 RU2 MP1 refresh noted in the advisories). Exploitation could allow a local attacker to read memory outside allocated bounds via t...
CVE-2016-5307
Summary: CVE-2016-5307 is a directory traversal vulnerability in the Symantec Endpoint Protection Manager (SEPM) management console, affecting SEPM 12.1 installations prior to 12.1 RU6 MP5. The issue permits remote authenticated users to read arbitrary files within the web-root directory tree via...
CVE-2016-3652
CVE-2016-3652 affects Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5. Multiple cross-site scripting (XSS) vulnerabilities exist in management scripts, allowing remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. The issue arises from insuffi...
CVE-2015-1490
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 is affected by CVE-2015-1490, a directory traversal vulnerability in the SEPM management console. An authenticated remote attacker can read arbitrary files via a relative pathname in a client installation package due to improp...
CVE-2016-3653
CVE-2016-3653 is a CSRF vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU6 MP5. A remote, authenticated attacker can exploit weaknesses in management scripts to hijack the authentication of arbitrary users. The issue is documented across multiple sources (NVD entry and...
CVE-2016-5304
Open redirect vulnerability (CVE-2016-5304) in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5. An authenticated remote attacker could exploit an open redirect in the externalurl.php path to send users to arbitrary sites, enabling phishing and potential session/credential exposure...
CVE-2014-3439
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU5 is affected by CVE-2014-3439: an Unauthenticated Arbitrary File Write in the ConsoleServlet, caused by improper filtering of user input in the logging component. This can allow remote attackers to write arbitrary files, potentially ena...
CVE-2015-1487
The SEPM (Symantec Endpoint Protection Manager) product is affected by CVE-2015-1487: a flaw in the management console prior to 12.1-RU6-MP1 allows remote authenticated users to write arbitrary files via a crafted filename, potentially elevating to administrator privileges. Technical context from...
CVE-2016-3649
Symantec Endpoint Protection Manager (SEPM) 12.1.x before RU6 MP5 is vulnerable to CVE-2016-3649, where remote authenticated administrators can enumerate other administrator accounts by sending modified GET requests to the SEPM interface. The issue is categorized under information-disclosure via ...
CVE-2015-8154
Symantec Endpoint Protection Client
CVE-2016-3647
CVE-2016-3647 is a vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1.x before RU6 MP5 where an authenticated remote user can trigger a server-side request forgery (SSRF) via a crafted request to the management console’s authentication interface, potentially enabling access to inte...
CVE-2015-8153
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to RU6-MP4 is affected by CVE-2015-8153 (SQL injection). Interfaces with the SEPM backend allow a remote authenticated attacker to execute arbitrary SQL via unspecified vectors, potentially impacting data confidentiality, integrity, and avail...
CVE-2014-3438
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 is affected by CVE-2014-3438, a reflected Cross-Site Scripting (XSS) vulnerability in the console interface (notably via the ErrorMsg handling in SSO-Error.jsp and related UI paths). Exploitation could allow an attacker to inject script ...
CVE-2015-1491
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 is affected by CVE-2015-1491, a SQL injection vulnerability in the SEPM management console that allows an authenticated remote user to execute arbitrary SQL commands. The issue is part of a broader set of vulnerabilities (SYM1...
CVE-2020-5827
CVE-2020-5827 affects Symantec Endpoint Protection Manager (SEPM) prior to 14.2 RU2 MP1. The issue is an out-of-bounds read vulnerability, with sources describing an attack path in which an unauthenticated or low-privilege scenario could disclose memory contents or be leveraged alongside other fl...
CVE-2020-5828
CVE-2020-5828 affects Symantec Endpoint Protection Manager (SEPM) prior to 14.2 RU2 MP1, with an out-of-bounds vulnerability (read beyond allocated memory). ZDI details indicate it enables a local attacker who has code execution privileges to achieve an information disclosure by reading memory ou...
CVE-2016-3651
CVE-2016-3651 affects Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5. The issue is that remote authenticated users can discover the PHP JSESSIONID value on the web server via unspecified vectors. The vulnerability is listed among multiple SEPM issues and is associated with sessio...
CVE-2016-5305
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 contains multiple DOM-based cross-site scripting vulnerabilities in SEPM management scripts. The issue is triggered by unsanitized input in the DOM link manipulation pathway, allowing remote authenticated users to inject arbitrary we...
CVE-2015-8801
CVE-2015-8801 concerns Symantec Endpoint Protection (SEP) client, where a race condition in the device control can allow a local user to bypass USB-file-transfer restrictions before the SEP device manager recognizes a new USB device. The vulnerability affects SEP 12.1 prior to RU6 MP5 and is cite...
CVE-2016-3648
CVE-2016-3648. Affects Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5. A flaw in the Authentication Lock protection mechanism lets remote authenticated users bypass the lock, enabling brute-force password guessing against management-console accounts by entering data into the auth...
CVE-2016-3650
Symantec Endpoint Protection Manager (SEPM) 12.1.x before RU6 MP5 is vulnerable to a server credentials disclosure (CVE-2016-3650) via brute-force-style weakness when authenticated to the management console. The issue is one of multiple vulnerabilities affecting SEPM 12.1.x; the root cause is exp...
CVE-2020-5830
Symantec Endpoint Protection Manager (SEPM) is affected by CVE-2020-5830, an out-of-bounds read vulnerability in SEPM prior to 14.2 RU2 MP1. The issue allows memory reading beyond allocated bounds in SEPM (and is part of multiple SEPM/SEP hardening advisories). The ZDI advisory specifies an infor...
CVE-2015-8152
CVE-2015-8152 affects Symantec Endpoint Protection Manager (SEPM) 12.1 up to RU6-MP4. The issue is a cross-site request forgery (CSRF) vulnerability in logging scripts that enables a remote authenticated attacker to hijack administrator authentication and execute arbitrary code through crafted lo...
CVE-2018-18367
CVE-2018-18367 affects Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1, with a DLL preloading vulnerability when the application loads a DLL for execution and a malicious DLL is provided. The entry contains no public details on exploitation in...
CVE-2016-5306
CVE-2016-5306 affects Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5. The vulnerability is an information disclosure caused by failure to enable HTTP Strict Transport Security on port 8445, enabling remote observers to sniff HTTP traffic and obtain sensitive data. Affected produc...
CVE-2020-5829
CVE-2020-5829 affects Symantec Endpoint Protection Manager (SEPM) prior to 14.2 RU2 MP1 . It is an out-of-bounds read vulnerability in SEPM (notably via the secars.dll path) that can allow a local attacker to read memory outside allocated bounds. An attacker would need to execute low-privilege co...