CVE-2016-9092

Name of the Vulnerable Software and Affected Versions Symantec Content Analysis versions 1.3, 2.x prior to 2.2.1.1 Symantec Mail Threat Defense version 1.1

Description The issue allows a remote attacker to use phishing or other social engineering techniques to access the management console with the privileges of an authenticated administrator user. This is due to a cross-site request forging vulnerability.

Recommendations For Symantec Content Analysis versions 1.3, update to version 2.2.1.1 or later to resolve the issue. For Symantec Content Analysis versions 2.x prior to 2.2.1.1, update to version 2.2.1.1 or later to resolve the issue. For Symantec Mail Threat Defense version 1.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.