CVE-2016-3647

3 documents3 sources
Severity
7.7HIGH
EPSS
0.2%
top 53.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Endpoint Protection Manager
Timeline
PublishedJun 30
Latest updateMay 17

Description

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks, and trigger network traffic to arbitrary intranet hosts, via a crafted request.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:NExploitability: 3.1 | Impact: 4.0

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-g6gm-vj99-4x7p: Symantec Endpoint Protection Manager (SEPM) 122022-05-17
CVEList
CVE-2016-3647: Symantec Endpoint Protection Manager (SEPM) 122016-06-30
CVE-2016-3647 (HIGH CVSS 7.7) | Symantec Endpoint Protection Manage | cvebase.io