Vulnerabilities > Symantec > Endpoint Protection Manager > 12.1.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-06-30 | CVE-2016-3647 | Security Bypass vulnerability in Symantec Endpoint Protection Manager 12.1.6 Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request. | 4.0 |
| 2016-06-30 | CVE-2015-8801 | Improper Access Control vulnerability in Symantec Endpoint Protection Manager 12.1.6 Race condition in the client in Symantec Endpoint Protection (SEP) 12.1 before RU6 MP5 allows local users to bypass intended restrictions on USB file transfer by conducting filesystem operations before the SEP device manager recognizes a new USB device. | 3.3 |