Symantec Endpoint Protection Manager 12.1 Execute Arbitrary OS Commands Vulnerabilities
* Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3
* Symantec Endpoint Protection Manager (SEPM) 12.1 after 12.1-RU6-MP3
The management console for Symantec Endpoint Protection Manager (SEPM) is susceptible to arbitrary Java command execution if an authorized but unauthenticated user or an unauthorized individual can gain access to the Java port on the SEPM console. The server does not properly handle untrusted external data which could lead to OS command execution with elevated application privileges. By leveraging the elevated application access obtained, a malicious attacker may be able to potentially manipulate SEPM services to launch arbitrary code with administrator privileges on the host system.
Original release date: 11/11/2015
Last revised: 11/12/2015