RULE(RULE ID:316733)

Rule General Information
Release Date: 2016-08-26
Rule Name: Symantec Endpoint Protection Manager Cross Site Request Forgery Vulnerability -1 (CVE-2016-3653)
Rule Protection Details
Description: Multiple cross-site request forgery (CSRF) vulnerabilities in management scripts in Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 allow remote authenticated users to hijack the authentication of arbitrary users.
Impact: An attacker can launch a cross-site request forgery in the context of the affected software. Arbitrary script transmitted from a user that the software trusts can be executed in a successful exploit attempt.
Affected OS: Windows
Reference: SecurityFocusBID:91442
More advisories have been published on the website, please visit for more suggestions: