CVE-2011-0551
Symantec Endpoint Protection 11.0.600x-11.0.6300 - Cross-Site Request Forgery
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1025919
Third Party Advisory x_refsource_confirm
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/43662
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/49101
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/74467
Scores
EPSS
0.0026
EPSS Percentile
49.7%
Details
CWE
CWE-352
Status
published
Products (5)
symantec/endpoint_protection
11.0.6000
symantec/endpoint_protection
11.0.6100
symantec/endpoint_protection
11.0.6200
symantec/endpoint_protection
11.0.6200.754
symantec/endpoint_protection
11.0.6300
Published
Aug 15, 2011
Tracked Since
Feb 18, 2026