The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability alert CVE-2015-8801 CVE-2016-3647 CVE-2016-3648

Symantec Endpoint Protection: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Symantec Endpoint Protection.
Impacted software: SEP.
Severity of this computer vulnerability: 2/4.
Consequences of an attack: privileged access/rights, client access/rights, data reading.
Attacker's origin: document.
Number of vulnerabilities in this bulletin: 12.
Creation date: 29/06/2016.
Références of this announce: CVE-2015-8801, CVE-2016-3647, CVE-2016-3648, CVE-2016-3649, CVE-2016-3650, CVE-2016-3651, CVE-2016-3652, CVE-2016-3653, CVE-2016-5304, CVE-2016-5305, CVE-2016-5306, CVE-2016-5307, SYM16-011, VIGILANCE-VUL-19996.

Description of the vulnerability

Several vulnerabilities were announced in Symantec Endpoint Protection.

An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; CVE-2016-3647]

An attacker can try many authentication attempts since accounts are never locked. [severity:1/4; CVE-2016-3648]

An attacker can get information on existing administrator accounts. [severity:1/4; CVE-2016-3649]

An attacker can get server credentials. [severity:1/4; CVE-2016-3650]

An attacker can trigger a Cross Site Scripting via a DOM interface, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-3651]

An attacker can trigger a Cross Site Scripting via a management console, in order to run JavaScript code in the context of the web site. [severity:2/4; CVE-2016-3652]

An attacker can trigger a Cross Site Request Forgery via a management console, in order to force the victim to perform operations. [severity:2/4; CVE-2016-3653]

An attacker can deceive the user, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-5304]

An attacker can change a DOM interface to manipulate a link on php script. [severity:1/4; CVE-2016-5305]

An attacker can bypass "Strict transport security" rules using the port 8445. [severity:1/4; CVE-2016-5306]

An attacker can traverse directories in the management console, in order to read a file outside the root path. [severity:2/4; CVE-2016-5307]

An attacker can exploit race conditions, in order to escalate his privileges. [severity:1/4; CVE-2015-8801]
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides a network vulnerability note. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.