Symantec

Endpoint Protection Manager

41 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2016-3648

  • EPSS 0.61%
  • Published 30.06.2016 23:59:09
  • Last modified 12.04.2025 10:46:40

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by enteri...

7.7

CVE-2016-3647

  • EPSS 0.24%
  • Published 30.06.2016 23:59:08
  • Last modified 12.04.2025 10:46:40

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.

3.3

CVE-2015-8801

  • EPSS 0.06%
  • Published 30.06.2016 23:59:00
  • Last modified 12.04.2025 10:46:40

Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB devi...

9.3

CVE-2015-8154

  • EPSS 1.68%
  • Published 18.03.2016 14:59:03
  • Last modified 12.04.2025 10:46:40

The SysPlant.sys driver in the Application and Device Control (ADC) component in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6-MP4 allows remote attackers to execute arbitrary code via a crafted HTML document, related to "RWX Permi...

8.8

CVE-2015-8153

  • EPSS 0.87%
  • Published 18.03.2016 14:59:02
  • Last modified 12.04.2025 10:46:40

SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

8.5

CVE-2015-8152

  • EPSS 0.79%
  • Published 18.03.2016 14:59:01
  • Last modified 12.04.2025 10:46:40

Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lin...

8.5

CVE-2015-6555

  • EPSS 1.55%
  • Published 12.11.2015 03:59:04
  • Last modified 12.04.2025 10:46:40

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port.

7.5

CVE-2015-6554

  • EPSS 1.7%
  • Published 12.11.2015 03:59:02
  • Last modified 12.04.2025 10:46:40

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data.

8.5

CVE-2015-1492

  • EPSS 0.85%
  • Published 01.08.2015 01:59:09
  • Last modified 12.04.2025 10:46:40

Untrusted search path vulnerability in the client in Symantec Endpoint Protection 12.1 before 12.1-RU6-MP1 allows local users to gain privileges via a Trojan horse DLL in a client install package.

6

CVE-2015-1491

  • EPSS 1%
  • Published 01.08.2015 01:59:08
  • Last modified 12.04.2025 10:46:40

SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.