CVE-2007-5555

Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka "Authentication Credentials Information Leakage in Altiris Deployment Solution." NOTE: this description is based on a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes.

CVSS v2.0 6.9 MEDIUM

6.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.irmplc.com/index.php/111-Vendor-Alerts	Patch
http://www.irmplc.com/index.php/111-Vendor-Alerts	Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:symantec:altiris_deployment_solution:6:*:*:*:*:*:*:*

History

21 Nov 2024, 00:38

Type	Values Removed	Values Added
References	~~() http://www.irmplc.com/index.php/111-Vendor-Alerts - Patch~~	() http://www.irmplc.com/index.php/111-Vendor-Alerts - Patch

Information

Published : 2007-10-18 20:17

Updated : 2024-11-21 00:38

NVD link : CVE-2007-5555

Mitre link : CVE-2007-5555

CVE.ORG link : CVE-2007-5555

JSON object : View

Products Affected

symantec

altiris_deployment_solution

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2007-5555", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2007-10-18T20:17:00.000", "references": [{"url": "http://www.irmplc.com/index.php/111-Vendor-Alerts", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://www.irmplc.com/index.php/111-Vendor-Alerts", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Symantec Altiris Deployment Solution allows attackers to obtain authentication credentials via unknown vectors, aka \"Authentication Credentials Information Leakage in Altiris Deployment Solution.\" NOTE: this description is based on a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en Symantec Altiris Deployment Solution, permite a atacantes obtener credenciales de autenticaci\u00f3n por medio de vectores desconocidos, tambi\u00e9n se conoce como \"Authentication Credentials Information Leakage in Altiris Deployment Solution\". NOTA: esta descripci\u00f3n est\u00e1 basada en un aviso preliminar vago sin informaci\u00f3n procesable. Sin embargo, dado que es de un investigador muy conocido, se le est\u00e1 asignando un identificador CVE para fines de seguimiento."}], "lastModified": "2024-11-21T00:38:10.510", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:symantec:altiris_deployment_solution:6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "84C46569-313C-46F9-A7AE-62588A41E468"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}