Vulnerabilities > Symantec > Endpoint Protection Manager > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-03-18 | CVE-2015-8153 | SQL Injection vulnerability in Symantec Endpoint Protection Manager SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
| 2016-03-18 | CVE-2015-8152 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager 12.1 Cross-site request forgery (CSRF) vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to hijack the authentication of administrators for requests that execute arbitrary code by adding lines to a logging script. | 8.0 |