Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
endpoint protection manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2016-5306
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote malicious users to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.
Symantec Endpoint Protection Manager
3.3
CVSSv2
CVE-2015-8801
Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device.
Symantec Endpoint Protection Manager
4.6
CVSSv2
CVE-2018-18368
Symantec Endpoint Protection Manager (SEPM), before 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protect...
Symantec Endpoint Protection Manager
4.9
CVSSv2
CVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
3.5
CVSSv2
CVE-2016-5305
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack.
Symantec Endpoint Protection Manager
4
CVSSv2
CVE-2016-5307
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors.
Symantec Endpoint Protection Manager
8.5
CVSSv2
CVE-2015-6555
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3 allows remote malicious users to execute arbitrary Java code by connecting to the console Java port.
Symantec Endpoint Protection Manager
4
CVSSv2
CVE-2016-3649
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests.
Symantec Endpoint Protection Manager
6
CVSSv2
CVE-2016-3651
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
Symantec Endpoint Protection Manager
6
CVSSv2
CVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Symantec Endpoint Protection Manager
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »