Medium severity5.3NVD Advisory· Published Jun 30, 2016· Updated May 6, 2026

CVE-2016-5306

Description

Symantec Endpoint Protection Manager (SEPM) 12.1 before RU6 MP5 does not properly implement the HSTS protection mechanism, which makes it easier for remote attackers to obtain sensitive information by sniffing the network for unintended HTTP traffic on port 8445.

Affected products

Symantec/Endpoint Protection Manager
cpe:2.3:a:symantec:endpoint_protection_manager:*:mp4:*:*:*:*:*:*
Range: <=12.1.6

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.symantec.com/security_response/securityupdates/detail.jspnvdVendor Advisory
www.securityfocus.com/bid/91449nvd
www.securitytracker.com/id/1036196nvd

News mentions

No linked articles in our index yet.

cvss	0.345
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000