CVE-2014-3437
high
CVSS v3
—
CVSS v2
7.5
VIR risk
7.5
Description
The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
Vendor advisory: secure@symantec.com — http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| symantec | endpoint_protection_manager | {"endIncluding":"12.1.4"} | |
| symantec | endpoint_protection_manager | 12.1.0 | |
| symantec | endpoint_protection_manager | 12.1.1 | |
| symantec | endpoint_protection_manager | 12.1.2 | |
| symantec | endpoint_protection_manager | 12.1.3 | |
References
- http://seclists.org/fulldisclosure/2014/Nov/7
- http://www.securityfocus.com/archive/1/533918/100/0/threaded
- http://www.securityfocus.com/bid/70843
- http://www.securitytracker.com/id/1031176
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98525
- http://seclists.org/fulldisclosure/2014/Nov/7
- http://www.securityfocus.com/archive/1/533918/100/0/threaded
- http://www.securityfocus.com/bid/70843
- http://www.securitytracker.com/id/1031176
- http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20141105_00
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98525
Verify integrity in audit chain (admin only). AS-IS.