CVE-2015-6555 — Code Injection in Endpoint Protection Manager

CWE-94 — Code Injection3 documents3 sources

Severity

8.5HIGHNVD

EPSS

1.6%

top 18.54%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Endpoint Protection Manager

Timeline

PublishedNov 12

Latest updateMay 17

Description

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary Java code by connecting to the console Java port.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 6.8 | Impact: 10.0

Affected Packages1 packages

▶NVDsymantec/endpoint_protection_manager12.1

🔴Vulnerability Details

GHSA

GHSA-j79x-fmcf-99x7: Symantec Endpoint Protection Manager (SEPM) 12↗2022-05-17

▶

CVEList

CVE-2015-6555: Symantec Endpoint Protection Manager (SEPM) 12↗2015-11-12

▶