Third-Party Package Updates in Symantec Endpoint Protection 14 App - April 2025
Advisory ID: SVD-2025-0409
CVE ID: Multiple
Published: 2025-04-09
Last Update: 2025-04-09
Description
Splunk remedied common vulnerabilities and exposures (CVEs) in Third Party Packages in Symantec Endpoint Protection 14 App version 2.1.11 and higher, including the following:
| Package | Remediation | CVE | Severity |
|---|---|---|---|
| certifi1 | Package Removed | CVE-2022-23491 | High |
1 Symantec Endpoint Protection 14 removed the certifi in sep14/wheels folder to remedy CVE-2022-23491
Solution
Upgrade Symantec Endpoint Protection 14 to version 2.1.11 or higher.
Product Status
| Product | Version | Component | Affected Version | Fix Version |
|---|---|---|---|---|
| Symantec Endpoint Protection 14 | 2.1.11 | Below 2.1.11 | 2.1.11 |
Severity
For the CVEs in this list, Splunk adopted the vendor’s severity rating or the National Vulnerability Database (NVD) common vulnerability scoring system (CVSS) rating, as available.