CVE-2015-8153

CWE-89SQL Injection5 documents5 sources
Severity
8.8HIGH
EPSS
0.9%
top 24.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Endpoint Protection Manager
Timeline
PublishedMar 18
Latest updateMay 17

Description

SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6-MP4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-6q68-4mvp-pg9m: SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 122022-05-17
CVEList
CVE-2015-8153: SQL injection vulnerability in Symantec Endpoint Protection Manager (SEPM) 122016-03-18

📋Vendor Advisories

1
Red Hat
openstack-neutron: L3 agent denial of service with radvd 2.0+ (OSSA 2015-001)2015-01-08

💬Community

1
Bugzilla
CVE-2014-8153 openstack-neutron: L3 agent denial of service with radvd 2.0+ (OSSA 2015-001)2015-01-09
CVE-2015-8153 (HIGH CVSS 8.8) | SQL injection vulnerability in Syma | cvebase.io