Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management center vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2019-9697
An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 before 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access.
Symantec Management Center
Symantec Management Center 2.1
Symantec Management Center 2.0
4.3
CVSSv2
CVE-2019-18376
A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated Management Center (MC) user's web browser history or a network device that intercepts/logs traffic to MC, to obtain CSRF tokens and use them to perform CSRF attacks against MC.
Symantec Management Center 2.2
Symantec Management Center 2.3
Symantec Management Center 2.4
7.9
CVSSv2
CVE-2013-1612
Buffer overflow in secars.dll in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1.x prior to 12.1.3, and Symantec Endpoint Protection Center (SPC) Small Business Edition 12.0.x, allows remote malicious users to execute arbitrary code via unspecified vect...
Symantec Endpoint Protection Manager 12.1.0
Symantec Endpoint Protection Manager 12.1.1
Symantec Endpoint Protection Manager 12.1.2
Symantec Endpoint Protection Center 12.0.1
Symantec Endpoint Protection Center 12.0.0
1 EDB exploit
7.1
CVSSv2
CVE-2015-8799
Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x prior to 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection ...
Broadcom Symantec Critical System Protection
Broadcom Symantec Data Center Security Server
Broadcom Symantec Data Center Security Server 6.5.0
Broadcom Symantec Data Center Security Server 6.6.0
Broadcom Symantec Data Center Security Server And Agents 6.6.0
Broadcom Symantec Embedded Security Critical System Protection
Broadcom Symantec Embedded Security Critical System Protection For Controllers And Devices 6.5.0
7.7
CVSSv2
CVE-2015-8798
Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x prior to 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection ...
Broadcom Symantec Data Center Security Server 6.5.0
Broadcom Symantec Data Center Security Server 6.6.0
Broadcom Symantec Data Center Security Server And Agents
Broadcom Symantec Critical System Protection
Broadcom Symantec Embedded Security Critical System Protection
Broadcom Symantec Embedded Security Critical System Protection For Controllers And Devices
6.5
CVSSv2
CVE-2015-8157
SQL injection vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x prior to 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP)...
Broadcom Symantec Critical System Protection
Broadcom Symantec Data Center Security Server 6.5.0
Broadcom Symantec Data Center Security Server 6.6.0
Broadcom Symantec Data Center Security Server And Agents
Broadcom Symantec Embedded Security Critical System Protection
Broadcom Symantec Embedded Security Critical System Protection For Controllers And Devices
9.3
CVSSv2
CVE-2009-1431
XFR.EXE in the Intel File Transfer service in the console in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Symantec AntiVirus (SAV) Corporate Edition 9 prior to 9.0 MR7,...
Symantec Client Security
Symantec Endpoint Protection
Symantec System Center
Symantec Antivirus Central Quarantine Server
Symantec Antivirus
Symantec Antivirus -
3.5
CVSSv2
CVE-2014-9224
Cross-site scripting (XSS) vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x up to and including 6.0 MP1...
Broadcom Symantec Critical System Protection 5.2.9
Symantec Data Center Security 6.0.0
1 EDB exploit
1 Article
9
CVSSv2
CVE-2014-3440
The Agent Control Interface in the management server in Symantec Critical System Protection (SCSP) 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x prior to 6.0 MP1 allows remote authenticated users to execute arbitrary commands by leveraging cl...
Broadcom Symantec Critical System Protection 5.2.9
Symantec Data Center Security 6.0.0
7.2
CVSSv2
CVE-2014-9226
The management server in Symantec Critical System Protection (SCSP) 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced (SDCS:SA) 6.0.x up to and including 6.0 MP1 allows local users to bypass intended Protection Policies via unspecified vectors.
Broadcom Symantec Critical System Protection 5.2.9
Symantec Data Center Security 6.0.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »