Symantec : Security vulnerabilities, CVEs Information leak

Copy

CVE-2016-3651

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.

Max CVSS

8.0

EPSS Score

0.21%

Published

2016-06-30

Updated

2017-09-01

CVE-2016-3650

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.

Max CVSS

8.8

EPSS Score

0.24%

Published

2016-06-30

Updated

2017-09-01

CVE-2016-3648

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to bypass the Authentication Lock protection mechanism, and conduct brute-force password-guessing attacks against management-console accounts, by entering data into the authorization window.

Max CVSS

8.8

EPSS Score

0.23%

Published

2016-06-30

Updated

2017-09-01

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!