Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
symantec endpoint protection manager vulnerabilities and exploits
(subscribe to this query)
8
CVSSv3
CVE-2016-3651
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.
Symantec Endpoint Protection Manager
8
CVSSv3
CVE-2016-3653
Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Symantec Endpoint Protection Manager
1 EDB exploit
6.8
CVSSv3
CVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Symantec Endpoint Protection Manager
1 EDB exploit
5.4
CVSSv3
CVE-2016-5305
Multiple cross-site scripting (XSS) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to inject arbitrary web script or HTML via a "DOM link manipulation" attack.
Symantec Endpoint Protection Manager
4.3
CVSSv3
CVE-2016-5307
Directory traversal vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to read arbitrary files in the web-root directory tree via unspecified vectors.
Symantec Endpoint Protection Manager
NA
CVE-2015-6554
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3 allows remote malicious users to execute arbitrary OS commands via crafted data.
Symantec Endpoint Protection Manager
NA
CVE-2015-6555
Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP3 allows remote malicious users to execute arbitrary Java code by connecting to the console Java port.
Symantec Endpoint Protection Manager
7.8
CVSSv3
CVE-2018-18368
Symantec Endpoint Protection Manager (SEPM), before 14.2 RU1, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protect...
Symantec Endpoint Protection Manager
8.8
CVSSv3
CVE-2015-8154
The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote malicious users to execute arbitrary code via a crafted HTML document, related to "RWX Permissions."
Symantec Endpoint Protection Manager
1 Article
NA
CVE-2015-1486
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 prior to 12.1-RU6-MP1 allows remote malicious users to bypass authentication via a crafted password-reset action that triggers a new administrative session.
Symantec Endpoint Protection Manager 12.1.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »