Symantec Endpoint Protection Manager < 12.1 RU6 MP4 Multiple Vulnerabilities (SYM16-003)
High Nessus Plugin ID 90200
Synopsis
The version of Symantec Endpoint Protection Manager installed on the remote host is affected by multiple vulnerabilities.
Description
The version of Symantec Endpoint Protection Manager (SEPM) installed on the remote host is prior to 12.1 RU6 MP4. It is, therefore, affected by the following vulnerabilities:
- A cross-site request forgery (XSRF) vulnerability exists due to HTTP requests to logging scripts not requiring multiple steps, explicit confirmation, or a unique token when performing certain sensitive actions. A remote attacker can exploit this by convincing a user to follow a specially crafted link, resulting in the execution of arbitrary code. (CVE-2015-8152)
- A SQL injection vulnerability exists due to improper sanitization of input before using it in SQL queries. An authenticated, remote attacker can exploit this to inject or manipulate SQL queries on the back-end database, resulting in the manipulation and disclosure of arbitrary data. (CVE-2015-8153)
Solution
Upgrade to Symantec Endpoint Protection Manager 12.1 RU6 MP4 or later.