CVE-2012-4348 in Endpoint Protectioninfo

Summary

The management console in Symantec Endpoint Protection (SEP) 11.0 before RU7-MP3 and 12.1 before RU2, and Symantec Endpoint Protection Small Business Edition 12.x before 12.1 RU2, does not properly validate input for PHP scripts, which allows remote authenticated users to execute arbitrary code via unspecified vectors.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

08/16/2012

Disclosure

12/18/2012

Moderation

VulDB entry created

Entries

1: VDB-7113

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

9.0

EPSS

0.02467

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-4348
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-4348
CVE Details	https://www.cvedetails.com/cve/CVE-2012-4348/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!