Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:57
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/31773 - Broken Link, Vendor Advisory | |
References | () http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html - Broken Link, Patch, Vendor Advisory | |
References | () http://www.securityfocus.com/bid/31767 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1021072 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.vupen.com/english/advisories/2008/2876 - Broken Link, Patch, Vendor Advisory | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/46007 - Third Party Advisory, VDB Entry |
14 Feb 2024, 15:20
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-312 | |
CPE | cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.8.282:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.8.378:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6:sp2:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.5.299:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.0:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.8.380.0:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp2:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.8.380:*:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6:sp1:*:*:*:*:*:* cpe:2.3:a:symantec:altiris_deployment_solution:6.5.248:*:*:*:*:*:*:* |
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:-:*:*:*:*:*:* |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/46007 - Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html - Broken Link, Patch, Vendor Advisory | |
References | (SECUNIA) http://secunia.com/advisories/31773 - Broken Link, Vendor Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id?1021072 - Broken Link, Third Party Advisory, VDB Entry | |
References | (VUPEN) http://www.vupen.com/english/advisories/2008/2876 - Broken Link, Patch, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/31767 - Broken Link, Third Party Advisory, VDB Entry | |
CVSS |
v2 : v3 : |
v2 : 4.3
v3 : 7.8 |
Information
Published : 2009-06-08 19:30
Updated : 2024-11-21 00:57
NVD link : CVE-2008-6828
Mitre link : CVE-2008-6828
CVE.ORG link : CVE-2008-6828
JSON object : View
Products Affected
symantec
- altiris_deployment_solution
CWE
CWE-312
Cleartext Storage of Sensitive Information