CVE-2015-1485

high

Description

Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators.

References

http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150622_00

http://www.securitytracker.com/id/1032710

http://www.securityfocus.com/bid/75289

Details

Source: Mitre, NVD

Published: 2015-06-28

Updated: 2026-05-06

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00309

Detections

Analytics