CVE-2016-5306

CWE-200Information ExposureCWE-2543 documents3 sources
Severity
5.3MEDIUM
EPSS
0.3%
top 43.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Endpoint Protection Manager
Timeline
PublishedJun 30
Latest updateMay 17

Description

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-78w8-jw35-5rj7: Symantec Endpoint Protection Manager (SEPM) 122022-05-17
CVEList
CVE-2016-5306: Symantec Endpoint Protection Manager (SEPM) 122016-06-30
CVE-2016-5306 (MEDIUM CVSS 5.3) | Symantec Endpoint Protection Manage | cvebase.io