Is SEPM, SEP, or LUA vulnerable to CVE-2018-11776 and CVE-2024-53677?

search cancel

Is SEPM, SEP, or LUA vulnerable to CVE-2018-11776 and CVE-2024-53677?

book

Article ID: 394088

calendar_today

Updated On:

Products

Endpoint Security Complete Endpoint Protection Endpoint Security

Issue/Introduction

You seek to know if Symantec Endpoint Protection Manager (SEPM), Symantec Endpoint Protection (SEP), or Live Update Administrator (LUA) are vulnerable to CVE-2018-11776 and CVE-2024-53677.

Environment

Symantec Endpoint Protection Manager (SEPM)
Symantec Endpoint Protection (SEP)
Live Update Administrator (LUA)

Resolution

SEPM, SEP and LUA are NOT impacted by CVE-2018-11776 / CVE-2024-53677, because they do not use Apache Struts

Additional Information

NOTE: Additional IPS coverage was added to all products using [SID: 34961] Web Attack: Apache Struts RCE CVE-2024-53677
To ensure you have the latest coverage make sure your IPS content is up to date.

CVE-2018-11776: https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=35289

Feedback

thumb_up Yes

thumb_down No