Vulnerability Details CVE-2016-5304
Open redirect vulnerability in a report-routing component in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.071
EPSS Ranking 91.1%
CVSS Severity
CVSS v3 Score 6.8
CVSS v2 Score 4.9
References
- http://www.securityfocus.com/bid/91447
- http://www.securitytracker.com/id/1036196
- https://www.exploit-db.com/exploits/40041/
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01
- http://www.securityfocus.com/bid/91447
- http://www.securitytracker.com/id/1036196
- https://www.exploit-db.com/exploits/40041/
- https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20160628_01
Products affected by CVE-2016-5304
-
cpe:2.3:a:symantec:endpoint_protection_manager:12.1.6