CVE-2015-1485

Currently unrated

Key Information:

Vendor: Symantec
Status: Data Loss Prevention
Vendor: CVE Published:; 28 June 2015

Summary

Cross-site request forgery (CSRF) vulnerability in the administration console in the Enforce Server in Symantec Data Loss Prevention (DLP) before 12.5.2 allows remote attackers to hijack the authentication of administrators.

References

http://www.securitytracker.com/id/1032710

vdb-entryx_refsource_SECTRACK

http://www.symantec.com/security_response/securityupdates...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/75289

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Jun 28, 2015
Vulnerability Reserved
Feb 5, 2015