Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec endpoint protection 12.1 vulnerabilities and exploits
(subscribe to this query)
3.6
CVSSv2
CVE-2017-6331
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses the real time protection for the application that is run on servers and clients.
Symantec Endpoint Protection
1 EDB exploit
7.2
CVSSv2
CVE-2015-8113
Untrusted search path vulnerability in the client in Symantec Endpoint Protection (SEP) 12.1 prior to 12.1-RU6-MP3 allows local users to gain privileges via a Trojan horse DLL in a client install package. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1...
Symantec Endpoint Protection
7.5
CVSSv2
CVE-2015-6554
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3 allows remote malicious users to execute arbitrary OS commands via crafted data.
Symantec Endpoint Protection Manager
8.5
CVSSv2
CVE-2015-6555
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3 allows remote malicious users to execute arbitrary Java code by connecting to the console Java port.
Symantec Endpoint Protection Manager
4.6
CVSSv2
CVE-2017-13681
Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. In the circumstances of this i...
Symantec Endpoint Protection
4
CVSSv2
CVE-2016-3650
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.
Symantec Endpoint Protection Manager
4
CVSSv2
CVE-2016-3649
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests.
Symantec Endpoint Protection Manager
6
CVSSv2
CVE-2016-3651
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
Symantec Endpoint Protection Manager
8.3
CVSSv2
CVE-2015-8153
SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Endpoint Protection Manager
1 Article
4
CVSSv2
CVE-2016-5307
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors.
Symantec Endpoint Protection Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »