Symantec Endpoint Protection Manager < 11.0 RU7-MP4a / 12.1 RU4a Multiple Vulnerabilities (SYM14-004)

This script is Copyright (C) 2014-2016 Tenable Network Security, Inc.


Synopsis :

The version of Symantec Endpoint Protection Manager installed on the
remote host is affected by multiple vulnerabilities.

Description :

The version of Symantec Endpoint Protection Manager (SEPM) running on
the remote host is either 11.x prior to 11.0 RU7-MP4a or 12.x prior to
12.1 RU4a. It is, therefore, affected by multiple vulnerabilities:

- SEPM is affected by an XML external entity injection
vulnerability due to a failure to properly sanitize
user-supplied input. A remote, unauthenticated attacker
could potentially exploit this vulnerability to read
arbitrary files. (CVE-2013-5014)

- SEPM is affected by a SQL injection vulnerability due to
a failure to properly sanitize user-supplied input. A
locally authenticated user could potentially exploit
this vulnerability to execute arbitrary SQL commands
against the back-end database. (CVE-2013-5015)

See also :

http://www.securityfocus.com/archive/1/531128/30/0/threaded
http://www.nessus.org/u?9eabd91f

Solution :

Upgrade to 11.0 RU7-MP4a / 12.1 RU4a or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 72542

Bugtraq ID: 65466
65467

CVE ID: CVE-2013-5014
CVE-2013-5015
