HTTP: Symantec Endpoint Protection URI Parameter Reflected Cross-Site Scripting

This signature detects attempts to exploit a known vulnerability in Symantec Endpoint Protection Manager. The vulnerabilities are due to insufficient validation of user input before it is sent back to the user. A remote unauthenticated attacker may exploit these vulnerabilities to execute arbitrary script code in the context of the current browser session.

Extended Description

Multiple cross-site scripting (XSS) vulnerabilities in console interface scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected Products

Symantec endpoint_protection_manager

References

CVE: CVE-2014-3438

Short Name
HTTP:XSS:SYMANTEC-EP-PARAM-XSS
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2014-3438 Cross-Site Endpoint Parameter Protection Reflected Scripting Symantec URI
Release Date
11/20/2014
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Symantec

CVSS Score

4.3
