Vulnerabilities > Symantec > Endpoint Protection Manager > 12.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-25 | CVE-2018-18367 | Untrusted Search Path vulnerability in Symantec Endpoint Protection Manager Symantec Endpoint Protection Manager (SEPM) prior to and including 12.1 RU6 MP9 and prior to 14.2 RU1 may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. | 7.8 |
| 2016-03-18 | CVE-2015-8152 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager 12.1 Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script. | 8.0 |