Remote Enumeration of Administrator Accounts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5

CVE-2016-3649 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated administrators to enumerate administrator accounts via modified GET requests.

Learn more about our Web Application Penetration Testing UK.