Symantec Endpoint Protection Manager Java Object Deserialization RCE (SYM15-011)
Critical Nessus Plugin ID 87505
Synopsis
An application running on the remote host is affected by an arbitrary command execution vulnerability.

Description
The remote Symantec Endpoint Protection Manager server is affected by a remote command execution vulnerability due to unsafe deserialization of Java objects supplied in unauthenticated requests, which are passed to the Apache Commons Collections (ACC) library. An unauthenticated, remote attacker can exploit this, by sending a crafted multipart HTTP POST request, to execute arbitrary commands on the target host.

Solution
Upgrade to Symantec Endpoint Protection Manager 12.1 RU6 MP3 or later.
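The root cause described above is a bare ObjectInputStream.readObject() call on bytes an unauthenticated client controls: any serializable class on the classpath, including the ACC gadget classes, can be instantiated during deserialization. The following added example (not Symantec's or the Nessus plugin's code) contrasts that vulnerable pattern with the Java 9+ ObjectInputFilter mitigation, which allow-lists the one message class the application expects and rejects everything else before its readObject logic runs. The StatusReport class, the filter pattern string and the sample objects are all hypothetical and constructed for the demo.

```java
import java.io.*;
import java.util.*;

/**
 * Added example, not code from Symantec Endpoint Protection Manager.
 * Assumes Java 9 or later (ObjectInputFilter, Map.of).
 */
public class DeserializationFilterDemo {

    // Hypothetical message type the application legitimately expects to receive.
    public static final class StatusReport implements Serializable {
        private static final long serialVersionUID = 1L;
        final String host;
        final int score;
        StatusReport(String host, int score) { this.host = host; this.score = score; }
    }

    // Vulnerable pattern: no filter, so readObject() will instantiate whatever
    // class the stream names, as long as it is on the classpath.
    static Object deserializeUnsafe(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return in.readObject();
        }
    }

    // Hardened pattern: allow-list the expected class and the JDK types it
    // contains, reject all other classes ("!*"), and cap graph depth and size.
    static Object deserializeFiltered(byte[] data) throws IOException, ClassNotFoundException {
        ObjectInputFilter filter = ObjectInputFilter.Config.createFilter(
            "DeserializationFilterDemo$StatusReport;java.lang.String;!*;maxdepth=5;maxbytes=4096");
        try (ObjectInputStream in = new ObjectInputStream(new ByteArrayInputStream(data))) {
            in.setObjectInputFilter(filter);
            return in.readObject();
        }
    }

    // Helper to produce serialized bytes for the demo inputs.
    static byte[] serialize(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream out = new ObjectOutputStream(bos)) {
            out.writeObject(o);
        }
        return bos.toByteArray();
    }

    public static void main(String[] args) throws Exception {
        byte[] expected = serialize(new StatusReport("host-a", 3));
        // Constructed stand-in for an unexpected object graph. A HashMap is
        // harmless here; the point is that the filter rejects any class that
        // is not on the allow-list before its readObject logic executes.
        byte[] unexpected = serialize(new HashMap<>(Map.of("k", "v")));

        System.out.println("filtered accepts expected class: "
            + (deserializeFiltered(expected) instanceof StatusReport));
        try {
            deserializeFiltered(unexpected);
            System.out.println("filtered accepted unexpected class (should not happen)");
        } catch (InvalidClassException e) {
            // ObjectInputStream reports a REJECTED filter status this way.
            System.out.println("filtered rejected unexpected class: " + e.getMessage());
        }
        System.out.println("unsafe accepts any class: "
            + deserializeUnsafe(unexpected).getClass().getName());
    }
}
```

Compile and run with `javac DeserializationFilterDemo.java && java DeserializationFilterDemo`. A process-wide default can also be set with the `jdk.serialFilter` system property, which is the practical option when the deserialization call sits inside third-party code you cannot edit; removing the vulnerable ACC version from the classpath, as the vendor fix does, closes the specific gadget chain, but the allow-list is what keeps the next gadget library from reopening it.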