Is Endpoint Protection Manager impacted by CVE-2023-20860

search cancel

Is Endpoint Protection Manager impacted by CVE-2023-20860

book

Article ID: 265648

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

The Symantec Endpoint Protection Manager (SEPM) utilizes the Spring Framework indicated in CVE-2023-20860.

https://spring.io/security/cve-2023-20860

Environment

Endpoint Protection 14.3 RU6/RU7

Resolution

Broadcom Engineering investigated this vulnerability and found that the Symantec Endpoint Protection Manager (SEPM) is not applicable to the feature used by Endpoint Protection.

CVE-2023-20860 is not a vulnerability on Endpoint Protection 14.3 RU6 or 14.3 RU7.

Feedback

thumb_up Yes

thumb_down No