Symantec Endpoint Protection Manager XSS and CSRF Vulnerabilities

Summary
This host is installed with Symantec Endpoint Protection Manager and is prone to cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities.
Impact
Successful exploitation will allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site.
Impact Level: Application
Solution
Upgrade to Symantec Endpoint Protection (SEP) version 11.0.7000 RU7 or later. For updates refer to http://www.symantec.com/business/endpoint-protection
Insight
Multiple flaws are due to:
- Input appended to the URL after /console/apps/sepm is not properly sanitised before being returned to the user.
- Input passed via the 'token' parameter to portal/Help.jsp is not properly sanitised before being returned to the user.
- The portal application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests.
Affected
Symantec Endpoint Protection (SEP) version 11.0.600x through 11.0.6300
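As an added illustration (not part of this advisory or of any Symantec tool), the following script shows two checks a defender can run against the details above: a version test for the affected 11.0.6000 through 11.0.6300 range, and a scan of web-server access logs for requests that place HTML or script metacharacters into the two reflected inputs named in the Insight section. The log lines and client addresses are constructed samples; the suspicious-character heuristic is an assumption to tune per environment.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (combined-log style); not taken from the advisory.
SAMPLE_LOG = """\
10.0.0.5 - - [10/Mar/2012:10:01:02 +0000] "GET /console/apps/sepm HTTP/1.1" 200 512
10.0.0.7 - - [10/Mar/2012:10:01:05 +0000] "GET /console/apps/sepm/%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1" 200 734
10.0.0.9 - - [10/Mar/2012:10:02:11 +0000] "GET /portal/Help.jsp?token=help HTTP/1.1" 200 2048
10.0.0.9 - - [10/Mar/2012:10:02:15 +0000] "GET /portal/Help.jsp?token=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E HTTP/1.1" 200 2100
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*"')
# Assumed heuristic for markup or script being reflected: HTML metacharacters, a javascript:
# URL, or an inline event-handler attribute. It is deliberately broad; tune for your logs.
SUSPICIOUS = re.compile(r'[<>"\']|javascript:|\bon\w+\s*=', re.IGNORECASE)
SEPM_PREFIX = "/console/apps/sepm"


def is_affected_version(version):
    """True when the SEPM build is in the 11.0.6000 .. 11.0.6300 range the advisory names."""
    major, minor, build = (int(p) for p in version.split(".")[:3])
    return (11, 0, 6000) <= (major, minor, build) <= (11, 0, 6300)


def find_reflection_probes(log_text):
    """Return (client_ip, location, decoded_value) for requests that put HTML/script
    metacharacters into the two inputs the advisory says SEPM reflects unsanitised."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = urlsplit(m["target"])
        path = unquote(unquote(parts.path))      # decode twice to catch double-encoding
        candidates = []
        if path.startswith(SEPM_PREFIX):          # anything appended after /console/apps/sepm
            candidates.append(("path", path[len(SEPM_PREFIX):]))
        if path == "/portal/Help.jsp":            # the 'token' query parameter
            for value in parse_qs(parts.query).get("token", []):
                candidates.append(("token", unquote(value)))
        for location, value in candidates:
            if SUSPICIOUS.search(value):
                hits.append((m["ip"], location, value))
    return hits


if __name__ == "__main__":
    for hit in find_reflection_probes(SAMPLE_LOG):
        print("possible XSS probe from %s via %s: %r" % hit)
```

A hit on a host whose version check returns True is worth a closer look at that client and the affected user sessions; on a patched host the same line is still a useful indicator of scanning activity.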
References