QID 376450

Date Published: 2022-04-14

QID 376450: Symantec Endpoint Protection Manager (SEPM) Log4j Vulnerability (SYMSA19793)

Symantec Endpoint Protection, developed by Broadcom Inc., is a security software suite that consists of anti-malware, intrusion prevention and firewall features for server and desktop computers.

Symantec Endpoint Protection manager are affected by log4j remote code execution vulnerability.

Affected Versions:
SEPM versions from 14.2 prior to 14.3 RU3 build 5427

QID Detection Logic (Authenticated):
This QID checks for the vulnerable version of Symantec Endpoint Protection Manager (SEPM)

Successful exploitation of these vulnerabilities may allow an remote unauthenticated attacker to execute arbitrary code on the target system.

  • CVSS V3 rated as Critical - 10 severity.
  • CVSS V2 rated as Critical - 9.3 severity.
  • Solution
    The vendor has released patch. Please visit SYMSA19793 (Symantec Endpoint Protection Manager) to get the Fixed version Information.
    You can download the Symantec Endpoint Protection on Broadcom Download Center and visit here for download instruction.Workaround:
    Please refer to SYMSA19793 (Symantec Endpoint Protection Manager) for mitigation information.

    CVEs related to QID 376450

    Software Advisories
    Advisory ID Software Component Link
    SYMSA19793 ( Symantec Endpoint Protection Manager) URL Logo support.broadcom.com/web/ecx/support-content-notification/-/external/content/security-advisories/Symantec-Security-Advisory-for-Log4j-2-CVE-2021-44228-Vulnerability/SYMSA19793