PT-2016-6360 · Symantec · Symantec Endpoint Protection Manager+2

Published

2016-06-30

·

Updated

2017-09-01

·

CVE-2016-5307

CVSS v3.1

4.3

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Name of the Vulnerable Software and Affected Versions Symantec Endpoint Protection Manager (SEPM) versions 12.1 before RU6 MP5
Description A directory traversal issue allows remote authenticated users to read arbitrary files in the web-root directory tree.
Recommendations For Symantec Endpoint Protection Manager (SEPM) versions 12.1 before RU6 MP5, update to RU6 MP5 or later to resolve the issue.

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2016-5307

Affected Products

Symantec Endpoint Protection Client
Symantec Endpoint Protection Manager
Symantec Endpoint Protection Server