Cleartext Password Storage in Symantec LiveUpdate by Symantec
CVE-2001-0549

Currently unrated

Key Information:

Vendor: Symantec
Status: Liveupdate
Vendor: CVE Published:; 14 August 2001

What is CVE-2001-0549?

Symantec LiveUpdate 1.5 is vulnerable due to the storage of proxy passwords in cleartext within a registry key. This design flaw can potentially allow local users with access to the registry to discover sensitive proxy credentials, posing a risk of unauthorized access to network resources. It is essential for users to be aware of this vulnerability and take appropriate measures to secure sensitive information.

References

http://www.kb.cert.org/vuls/id/814187

third-party-advisoryx_refsource_CERT-VN

https://exchange.xforce.ibmcloud.com/vulnerabilities/7013

vdb-entryx_refsource_XF

http://www.sarc.com/avcenter/security/Content/2001_07_20....

x_refsource_CONFIRM

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 14, 2001
Vulnerability Reserved
Jul 18, 2001