CVE-2016-3651

CWE-200Information Exposure3 documents3 sources
Severity
8.0HIGH
EPSS
1.5%
top 18.97%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Endpoint Protection Manager
Timeline
PublishedJun 30
Latest updateMay 17

Description

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to discover the PHP JSESSIONID value via unspecified vectors.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:HExploitability: 2.1 | Impact: 5.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-v57w-22q6-r5gf: Symantec Endpoint Protection Manager (SEPM) 122022-05-17
CVEList
CVE-2016-3651: Symantec Endpoint Protection Manager (SEPM) 122016-06-30
CVE-2016-3651 (HIGH CVSS 8) | Symantec Endpoint Protection Manage | cvebase.io