Lucene search
SymantecCVE-2014-9229HistorySep 20, 2015 - 8:59 p.m.
CVE-2014-9229
2015-09-2020:59:02
CWE-89
symantec
web.nvd.nist.gov
26
cve-2014-9229
sql injection
symantec endpoint protection
sep
remote code execution
nvd
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.002
Percentile
53.3%
Multiple SQL injection vulnerabilities in interface PHP scripts in the Manager component in Symantec Endpoint Protection (SEP) before 12.1.6 allow remote authenticated users to execute arbitrary SQL commands by leveraging the Limited Administrator role.
Affected configurations
Node
symantecendpoint_protectionRange≤12.1.5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | endpoint_protection | * | cpe:2.3:a:symantec:endpoint_protection:*:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-9229
2015-09-20 20:59:02
cvelist
cvelist
CVE-2014-9229
2015-09-20 20:00:00
prion
prion
Sql injection
2015-09-20 20:59:00
nessus
nessus
openvas
openvas
Symantec Endpoint Protection Multiple Vulnerabilities (Oct 2015)
2015-10-09 00:00:00
symantec
symantec
Symantec Endpoint Protection Manager and Client Issues
2015-06-17 08:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
8.2
Confidence
Low
EPSS
0.002
Percentile
53.3%
Related for CVE-2014-9229