Authentication Bypass Vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1

Authentication Bypass Vulnerability in Symantec Endpoint Protection Manager (SEPM) 12.1

CVE-2015-1486 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session.

Learn more about our Web Application Penetration Testing UK.