either update the clients or the SEPM.
The management console for Symantec Endpoint Protection Manager (SEPM) is susceptible to OS command execution, Java code execution elevation of privilege. SEP clients are susceptible to a binary planting vulnerability that could result in arbitrary code running with system privileges on a client due to only partially addressing this issue in previous releases.
To fully mitigate CVE-2015-8113, one side of the client-server connection has to be upgraded to RU6 MP3. Administrators can choose to update the SEPM server or the client only to SEP 12.1-RU6-MP3 and the issue will be resolved.
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151109_00