Lucene search

SymantecCVE-2015-6554

HistoryNov 12, 2015 - 3:59 a.m.

CVE-2015-6554

2015-11-1203:59:02

CWE-78

symantec

web.nvd.nist.gov

cve-2015-6554

symantec

endpoint protection manager

sepm

remote attackers

arbitrary os commands

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.005

Percentile

77.6%

JSON

Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to execute arbitrary OS commands via crafted data.

Affected configurations

Nvd

Node

symantecendpoint_protection_managerRange≤12.1ru6mp2

VendorProductVersionCPE
symantecendpoint_protection_manager*cpe:2.3:a:symantec:endpoint_protection_manager:*:ru6mp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
symantec	endpoint_protection_manager	*	cpe:2.3:a:symantec:endpoint_protection_manager::ru6mp2::::::*

References

www.securityfocus.com/bid/77494

www.securitytracker.com/id/1034139

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20151109_00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.7

Confidence

Low

EPSS

0.005

Percentile

77.6%

JSON

Related for CVE-2015-6554