Just raising awareness of these known vulnerabilities in all previous releases of the 12.1 Symantec Endpoint Protection Manager (SEPM) and SEP client:
Security Advisories Relating to Symantec Products - Symantec Endpoint Protection Multiple Issues (SYM15-007)
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20150730_00
...
The management console for Symantec Endpoint Protection Manager (SEPM) is susceptible to multiple vulnerabilities including SQL Injection, authentication bypass, possible path traversal and the potential for arbitrary file read/write. SEP clients are susceptible to a binary planting vulnerability that could result in arbitrary code running with system privileges on a client.
....
Symantec product engineers verified these issues. SEPM 12.1-RU6-MP1 contains updates that address these issues. Customers should implement the mitigations described below until the available update can be installed to address these issues. Symantec is not aware of exploitation of or adverse customer impact from this issue.
....
|
CVE
|
BID
|
Description
|
|
CVE-2015-1486
|
BID 76074
|
SEPM Authentication Bypass
|
|
CVE-2015-1487
|
BID 76094
|
SEPM Arbitrary File Write
|
|
CVE-2015-1488
|
BID 76077
|
SEPM Arbitrary File Read
|
|
CVE-2015-1489
|
BID 76078
|
SEPM Privilege Escalation
|
|
CVE-2015-1490
|
BID 76081
|
SEPM Path Traversal
|
|
CVE-2015-1491
|
BID 76079
|
SEPM SQL Injection
|
|
CVE-2015-1492
|
BID 76083
|
SEP Client Binary Planting
|
Please take measures to upgrade your environment. Mitigations are also available if it is not possible to upgrade immediately. Also, ensure that SEP's IPS component is installed and enabled. The following new IPS signatures will offer protection against attempted exploits of the vulnerabilities:
With thanks and best regards,
Mick