Vulnerabilities > Symantec > Management Center > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-10 | CVE-2019-18376 | Cross-Site Request Forgery (CSRF) vulnerability in Symantec Management Center 2.2/2.3/2.4 A CSRF token disclosure vulnerability allows a remote attacker, with access to an authenticated Management Center (MC) user's web browser history or a network device that intercepts/logs traffic to MC, to obtain CSRF tokens and use them to perform CSRF attacks against MC. | 5.9 |
| 2019-08-30 | CVE-2019-9697 | Unspecified vulnerability in Symantec Management Center 2.0/2.1/2.2 An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access. | 6.5 |