CVE-2011-0551

Cross-site request forgery (CSRF) vulnerability in the Web Interface in the Endpoint Protection Manager in Symantec Endpoint Protection (SEP) 11.0.600x through 11.0.6300 allows remote attackers to hijack the authentication of administrators for requests that create administrative accounts.

Published: Aug 15, 2011
Updated: Apr 13, 2023
CVE: CVE-2011-0551
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

CWE-352

Affected Software
References

Software	From	Fixed in
symantec / endpoint_protection	11.0.6300	11.0.6300.x
symantec / endpoint_protection	11.0.6200.754	11.0.6200.754.x
symantec / endpoint_protection	11.0.6100	11.0.6100.x
symantec / endpoint_protection	11.0.6000	11.0.6000.x
symantec / endpoint_protection	11.0.6200	11.0.6200.x

http://secunia.com/advisories/43662
http://securitytracker.com/id?1025919
http://www.osvdb.org/74467
http://www.securityfocus.com/bid/49101
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110810_00

Vulnerability Database

289,697

CVE-2011-0551