|The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.|
Symantec Endpoint Protection: multiple vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Symantec Endpoint Protection.
Impacted software: SEP.
Severity of this computer vulnerability: 2/4.
Consequences of an attack: privileged access/rights, client access/rights, data reading.
Attacker's origin: document.
Number of vulnerabilities in this bulletin: 12.
Creation date: 29/06/2016.
Références of this announce: CVE-2015-8801, CVE-2016-3647, CVE-2016-3648, CVE-2016-3649, CVE-2016-3650, CVE-2016-3651, CVE-2016-3652, CVE-2016-3653, CVE-2016-5304, CVE-2016-5305, CVE-2016-5306, CVE-2016-5307, SYM16-011, VIGILANCE-VUL-19996.
Description of the vulnerability
Several vulnerabilities were announced in Symantec Endpoint Protection.
An attacker can trigger a Cross Site Request Forgery, in order to force the victim to perform operations. [severity:2/4; CVE-2016-3647]
An attacker can try many authentication attempts since accounts are never locked. [severity:1/4; CVE-2016-3648]
An attacker can get information on existing administrator accounts. [severity:1/4; CVE-2016-3649]
An attacker can get server credentials. [severity:1/4; CVE-2016-3650]
An attacker can trigger a Cross Site Request Forgery via a management console, in order to force the victim to perform operations. [severity:2/4; CVE-2016-3653]
An attacker can deceive the user, in order to redirect him to a malicious site. [severity:1/4; CVE-2016-5304]
An attacker can change a DOM interface to manipulate a link on php script. [severity:1/4; CVE-2016-5305]
An attacker can bypass "Strict transport security" rules using the port 8445. [severity:1/4; CVE-2016-5306]
An attacker can traverse directories in the management console, in order to read a file outside the root path. [severity:2/4; CVE-2016-5307]
An attacker can exploit race conditions, in order to escalate his privileges. [severity:1/4; CVE-2015-8801]
Full Vigil@nce bulletin... (Free trial)
Computer vulnerabilities tracking service
Vigil@nce provides a network vulnerability note. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce team tracks computer vulnerabilities impacting systems and applications. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.