Vulnerabilities > CVE-2016-5304 - Open Redirect vulnerability in Symantec Endpoint Protection Manager 12.1.6
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
NONE Summary
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. <a href="http://cwe.mitre.org/data/definitions/601.html">CWE-601: URL Redirection to Untrusted Site ('Open Redirect')</a>
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities. CVE-2016-3652,CVE-2016-3653,CVE-2016-5304. Webapps exploit for php platform |
| file | exploits/php/webapps/40041.txt |
| id | EDB-ID:40041 |
| last seen | 2016-06-29 |
| modified | 2016-06-29 |
| platform | php |
| port | 8445 |
| published | 2016-06-29 |
| reporter | hyp3rlinx |
| source | https://www.exploit-db.com/download/40041/ |
| title | Symantec Endpoint Protection Manager 12.1 - Multiple Vulnerabilities |
| type | webapps |
Nessus
| NASL family | Windows |
| NASL id | SYMANTEC_ENDPOINT_PROT_MGR_SYM16-011.NASL |
| description | The version of Symantec Endpoint Protection Manager (SEPM) installed on the remote host is prior to 12.1 RU6 MP5. It is, therefore, affected by the following vulnerabilities : - A race condition exists in the SEP client that allows a local attacker to bypass security restrictions, resulting in the ability to download or upload files on the client system. (CVE-2015-8801) - A server-side request forgery vulnerability exists in the authentication interface that allows an attacker to bypass access controls and scan unauthorized content on the internal network. (CVE-2016-3647) - An unspecified flaw exists that allows an attacker to bypass lock threshold limits, resulting in the ability to recover management console passwords using brute-force methods. (CVE-2016-3648) - An unspecified flaw exists when handling GET object requests that allows an attacker to disclose information related to valid administrator accounts. (CVE-2016-3649) - An unspecified flaw exists that allows an attacker to disclose server credentials. (CVE-2016-3650) - An unspecified flaw exists related to PHP JSESSIONID that allows an attacker to execute arbitrary code. (CVE-2016-3651) - Multiple cross-site scripting vulnerabilities exist due to improper validation of user-supplied input to the |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 91894 |
| published | 2016-06-30 |
| reporter | This script is Copyright (C) 2016-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/91894 |
| title | Symantec Endpoint Protection Manager 12.1.x < 12.1 RU6 MP5 Multiple Vulnerabilities (SYM16-011) |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/137713/SYMANTEC-SEPM-MULTIPLE-VULNS.txt |
| id | PACKETSTORM:137713 |
| last seen | 2016-12-05 |
| published | 2016-06-30 |
| reporter | hyp3rlinx |
| source | https://packetstormsecurity.com/files/137713/Symantec-Endpoint-Protection-12.1-CSRF-XSS-Open-Redirect.html |
| title | Symantec Endpoint Protection 12.1 CSRF / XSS / Open Redirect |