Admins with Limited Administrator rights are unable to export a Network and Exploit Mitigation Attacks report

book

Article ID: 170665

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

In Symantec Endpoint Protection Manager (SEPM) 14 RU1, you find that Admins with (Limited) Administrator rights  (including View Reports/Full Site rights) are unable to export a Network and Exploit Mitigation Attacks report. When attempting to do so, a "Symantec Endpoint Protection Manager failed to export the log because the request was invalid." error message is shown, even when all rights options are checked. You further find that only admins with System Administrator rights are able to export the report.

In SEPM 12.1 RU6 MP9, a limited user with View Reports and Manage Groups rights is able to export the Monitors > Network Threat Protection > Attacks report without any issues.

Symantec Endpoint Protection Manager failed to export the log because the request was invalid.

Cause

The issue occurs because a log export request is sent to Tomcat via a HTTP URL that incorporates a  "+" character in base64-encoded content, leaving Tomcat unable to parse it.

Environment

SEPM 14 RU1

Resolution

This issue is fixed in Symantec Endpoint Protection manager 14 RU1 MP2.  For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec Endpoint Protection.