CVE-2014-3437

Symantec Endpoint Protection Manager < 12.1 RU5 - XML External Entity Injection via Management Console

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-3437.

AI-analyzed exploit summary: This advisory details multiple vulnerabilities in Symantec Endpoint Protection, including XXE, XSS, and arbitrary file write flaws. It provides technical explanations, proof-of-concept examples, and exploitation scenarios, demonstrating a deep understanding of the vulnerabilities.

Description

The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU5 allows remote attackers to read arbitrary files or send TCP requests to intranet servers via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

Exploits (1)

exploitdb WRITEUP
webapps · jsp
https://www.exploit-db.com/exploits/35181

Classification: Writeup 100%
Attack Type: XSS | SSRF | DoS | Info Leak
Complexity: Moderate
Reliability: Reliable
Target: Symantec Endpoint Protection 12.1.4023.4080
No auth needed
Prerequisites: Ability to perform MitM attacks to impersonate securityresponse.symantec.com · Network access to the target system
devstral-2 · analyzed Feb 19, 2026

References (6)

Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Nov/7
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/98525
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/70843
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/533918/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1031176

Scores

EPSS 0.0854
EPSS Percentile 94.4%

Details

Status published
Products (5)
symantec/endpoint_protection_manager 12.1.0
symantec/endpoint_protection_manager 12.1.1
symantec/endpoint_protection_manager 12.1.2
symantec/endpoint_protection_manager 12.1.3
symantec/endpoint_protection_manager < 12.1.4
Published Nov 07, 2014
Tracked Since Feb 18, 2026