Support Content Notification - Support Portal

Symantec Security Update

Product/Component

Data Center Security Server

1 more products

Notification Id

18255

Last Updated

22 June 2021

Initial Publication Date

21 June 2021

Status

CLOSED

Severity

CVSS Base Score

(See scores below)

WorkAround

Affected CVE

Symantec Endpoint Protection, Data Center Security and Cloud Workload Protection Security Update

Summary

Symantec – A Division of Broadcom has released updates to address issues that were discovered in the Symantec Endpoint Protection Manager (SEPM), Symantec Endpoint Protection (SEP), Data Center Security (DCS) and Cloud Workload Protection (CWP) products.

Affected Product(s)

Symantec Endpoint Protection Manager (SEPM)
CVE	Affected Version(s)	Remediation
CVE-2020-12596	Prior to 14.3 RU2	Upgrade to 14.3 RU2

Symantec Endpoint Protection (SEP) Windows Client

CVE

Affected Version(s)

Remediation

CVE-2020-12597

Prior to 14.3 RU1 MP1

Upgrade to 14.3 RU1 MP1 (or later)

**Note: This issue only impacts SEP if it is managed by ICDm or has connected to an ICDm-connected SEPM

Data Center Security (DCS) Windows Agent

CVE

Affected Version(s)

Remediation

CVE-2020-12597

Prior to 6.9.1

Upgrade to 6.9.1

**Note: This issue only impacts DCS Agent if Intrusion Prevention is enabled. Prevention policy enforcement mitigates the issue.

Cloud Workload Protection (CWP) Windows Client
CVE	Affected Version(s)	Remediation
CVE-2020-12597	Prior to 1.6.1	Upgrade to 1.6.1

Issue Details

CVE-2020-12596
Severity / CVSS v3.x:	Medium / 5.5 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
References:	NVD: CVE-2020-12596
Impact:	HTTPS GET parameters include tokens
Description:	Session tokens in GET requests may be exposed which could potentially lead to values being logged.

CVE-2020-12597
Severity / CVSS v3.x:	High / 7.3 AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H
References:	NVD: CVE-2020-12597
Impact:	Unhandled Exception
Description:	An unhandled exception in a common driver may result in a denial of service issue.

Mitigation

The following product updates have been released to remediate these issues:

SEPM 14.3 RU2
SEP Windows Client 14.3 RU1 MP1 (or later)
DCS Windows Agent 6.9.1
CWP Windows Client 1.6.1

In addition, Symantec has released blocking and detection signatures for further protection:

ISB.Heuristic!gen49

Acknowledgements

CVE-2020-12596: Krzysztof Przybylski https://www.linkedin.com/in/perfect/
CVE-2020-12597: Michael Garrison State Farm Information Security @p0shkatz