Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-5014

7 documents6 sources

Severity

7.5HIGH

EPSS

86.2%

top 0.60%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Symantec Endpoint Protection Manager Symantec Protection Center

Timeline

PublishedFeb 14

Latest updateMay 17

Description

The management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote attackers to read arbitrary files via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDsymantec/endpoint_protection_manager5 versions+4

▶NVDsymantec/protection_center12.0

🔴Vulnerability Details

GHSA

GHSA-44qm-5mf2-4vv3: The management console in Symantec Endpoint Protection Manager (SEPM) 11↗2022-05-17

▶

CVEList

CVE-2013-5014: The management console in Symantec Endpoint Protection Manager (SEPM) 11↗2014-02-14

▶

VulnCheck

Symantec endpoint_protection_manager Improper Restriction of XML External Entity Reference↗2013

▶

💥Exploits & PoCs

Exploit-DB

Symantec Endpoint Protection Manager - Remote Command Execution (Metasploit)↗2014-02-26

▶

Exploit-DB

Symantec Endpoint Protection Manager 11.0/12.0/12.1 - Remote Command Execution↗2014-02-23

▶

🔍Detection Rules

Suricata

ET WEB_SPECIFIC_APPS Symantec Endpoint Manager XXE RCE Attempt↗2014-02-26

▶