CVE-2020-12593 PoC — Broadcom Symantec Endpoint Detection And Response 授权问题漏洞

Source

https://github.com/nasbench/CVE-2020-12593

Associated Vulnerability

Title:Broadcom Symantec Endpoint Detection And Response 授权问题漏洞 (CVE-2020-12593)
Description:Broadcom Symantec Endpoint Detection And Response是美国博通（Broadcom）公司的一套端点安全检测和响应解决方案。 Symantec Endpoint Detection & Response 4.5之前版本存在授权问题漏洞，该漏洞源于容易出现信息泄露问题，这是一种可能允许未经授权访问数据的漏洞类型。

Description

CVE-2020-12593 POC

Readme

# CVE-2020-12593
CVE-2020-12593 POC

Symantec EDR on-prem version prior to "4.5" is prone to an information disclosure vulnerability via the following URL :

```
https://@IP_EDR/atpapi/v2/policies/blacklist<
```

### Reference 

* https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Endpoint-Detection-Response-Security-Update/SYMSA16562

File Snapshot


 [4.0K]  /data/pocs/e98bc614b264e32452f43167b4461bfe89319516
└── [ 370]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!