Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Endpoint Protection Manager 安全漏洞
Vulnerability Description
Symantec Endpoint Protection Manager(SEPM)是美国赛门铁克(Symantec)公司的一套企业级病毒防护软件。该软件可防范恶意攻击,如病毒、蠕虫、特洛伊木马等。 SEPM 12.1版本的管理控制台中存在安全漏洞,该漏洞源于8445端口没有有效开启HTTP Strict Transport Security。远程攻击者可通过嗅探网络利用该漏洞泄露敏感信息,或实施重定向攻击。
CVSS Information
N/A
Vulnerability Type
N/A