![]() (CVE-2016-3647) - An unspecified flaw exists that allows an attacker to bypass lock threshold limits, resulting in the ability to recover management console passwords using brute-force methods. (CVE-2015-8801) - A server-side request forgery vulnerability exists in the authentication interface that allows an attacker to bypass access controls and scan unauthorized content on the internal network. It is, therefore, affected by the following vulnerabilities : - A race condition exists in the SEP client that allows a local attacker to bypass security restrictions, resulting in the ability to download or upload files on the client system. The version of Symantec Endpoint Protection Manager (SEPM) installed on the remote host is prior to 12.1 RU6 MP5. SYMANTEC_ENDPOINT_PROT_MGR_SYM16-011.NASL
0 Comments
Leave a Reply. |