Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec management console vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-5691
Multiple cross-site scripting (XSS) vulnerabilities in PHP scripts in the management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors, as demonst...
Symantec Web Gateway
NA
CVE-2015-5693
The management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary commands via vectors related to "traffic capture."
Symantec Web Gateway
NA
CVE-2015-5690
The management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allows remote authenticated users to bypass intended access restrictions and execute arbitrary commands by leveraging a "redirect."
Symantec Web Gateway
NA
CVE-2015-5692
admin_messages.php in the management console on Symantec Web Gateway (SWG) appliances with software prior to 5.2.2 DB 5.0.0.1277 allows remote authenticated users to execute arbitrary code by uploading a file with a safe extension and content type, and then leveraging an improper...
Symantec Web Gateway
NA
CVE-2015-1486
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote malicious users to bypass authentication via a crafted password-reset action that triggers a new administrative session.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
NA
CVE-2015-1487
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to write to arbitrary files, and consequently obtain administrator privileges, via a crafted filename.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
NA
CVE-2015-1490
Directory traversal vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via a relative pathname in a client installation package.
Symantec Endpoint Protection Manager 12.1.0
NA
CVE-2015-1488
An unspecified action handler in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to read arbitrary files via unknown vectors.
Symantec Endpoint Protection Manager 12.1.0
NA
CVE-2015-1491
SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Symantec Endpoint Protection Manager 12.1.0
NA
CVE-2015-1489
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote authenticated users to gain privileges via unspecified vectors.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »