CVE-2013-5015

EXPLOITED

Symantec Endpoint Protection Manager - SQL Injection

Title source: rule

Description

SQL injection vulnerability in the management console in Symantec Endpoint Protection Manager (SEPM) 11.0 before 11.0.7405.1424 and 12.1 before 12.1.4023.4080, and Symantec Protection Center Small Business Edition 12.x before 12.1.4023.4080, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Chris Graham · python remote windows
https://www.exploit-db.com/exploits/31853

exploitdb WORKING POC VERIFIED
by Metasploit · ruby remote windows
https://www.exploit-db.com/exploits/31917

metasploit WORKING POC EXCELLENT
by Stefan Viehbock, Chris Graham · ruby poc win
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/antivirus/symantec_endpoint_manager_rce.rb

Scores

EPSS 0.7405
EPSS Percentile 98.8%

Exploitation Intel

VulnCheck KEV 2014-07-11

Classification

CWE
CWE-89
Status draft

Affected Products (6)

symantec/endpoint_protection_manager
symantec/endpoint_protection_manager
symantec/endpoint_protection_manager
symantec/endpoint_protection_manager
symantec/endpoint_protection_manager
symantec/protection_center

Timeline

Published Feb 14, 2014
Tracked Since Feb 18, 2026