Vulnerabilities > CVE-2016-3650 - 7PK - Security Features vulnerability in Symantec Endpoint Protection Manager 12.1.6

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
symantec
CWE-254
nessus

Summary

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover credentials via a brute-force attack.

Vulnerable Configurations

Part Description Count
Application
Symantec
1

Common Weakness Enumeration (CWE)

Nessus

NASL familyWindows
NASL idSYMANTEC_ENDPOINT_PROT_MGR_SYM16-011.NASL
descriptionThe version of Symantec Endpoint Protection Manager (SEPM) installed on the remote host is prior to 12.1 RU6 MP5. It is, therefore, affected by the following vulnerabilities : - A race condition exists in the SEP client that allows a local attacker to bypass security restrictions, resulting in the ability to download or upload files on the client system. (CVE-2015-8801) - A server-side request forgery vulnerability exists in the authentication interface that allows an attacker to bypass access controls and scan unauthorized content on the internal network. (CVE-2016-3647) - An unspecified flaw exists that allows an attacker to bypass lock threshold limits, resulting in the ability to recover management console passwords using brute-force methods. (CVE-2016-3648) - An unspecified flaw exists when handling GET object requests that allows an attacker to disclose information related to valid administrator accounts. (CVE-2016-3649) - An unspecified flaw exists that allows an attacker to disclose server credentials. (CVE-2016-3650) - An unspecified flaw exists related to PHP JSESSIONID that allows an attacker to execute arbitrary code. (CVE-2016-3651) - Multiple cross-site scripting vulnerabilities exist due to improper validation of user-supplied input to the
last seen2020-06-01
modified2020-06-02
plugin id91894
published2016-06-30
reporterThis script is Copyright (C) 2016-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/91894
titleSymantec Endpoint Protection Manager 12.1.x < 12.1 RU6 MP5 Multiple Vulnerabilities (SYM16-011)