### [CVE-2015-1486](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1486)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The management console in Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP1 allows remote attackers to bypass authentication via a crafted password-reset action that triggers a new administrative session.

### POC

#### Reference
- https://www.exploit-db.com/exploits/37812/

#### Github
No PoCs found on GitHub currently.