Symantec Endpoint Protection Manager - Directory Traversal
- Published: 4 Jul 2016
CVE-2016-5307
Type
Severity
Affected products
CVE Reference
| Date | Summary |
| --- | --- |
| 2016-03-02 | Issue reported to Symantec |
| 2016-03-04 | Symantec confirms receipt and will review issue |
| 2016-04-01 | MWR requests update |
| 2016-04-04 | Symantec confirms issue and a patch will be issued in the next release |
| 2016-05-25 | Symantec updates MWR that issue will be fixed as part of version 12.1.6 MP5 |
| 2016-06-28 | Patch released as part of 12.1-RU6-MP5 |
Symantec Endpoint Protection is a client-server solution that protects laptops, desktops, and servers in corporate networks against malware, risks, and vulnerabilities. Symantec Endpoint Protection Manager is the management server component that manages the client computers with Symantec Endpoint Protection enabled.
Symantec Endpoint Protection Manager contained a directory traversal vulnerability that allowed unauthenticated users access to arbitrary files on the server.
This vulnerability would allow unauthenticated threat agents unauthorised access to resources on the server, which may contain sensitive information such as configuration files, log files and/or source code.
Ensure that no sensitive files are stored within the web root directory.
Update to Symantec Endpoint Protection Manager 12.1-RU6-MP5.
Please refer to the attached advisory above.