Password Exposure in Symantec FireWall/VPN Appliance Model 200
CVE-2004-0190

Currently unrated

Key Information:

Vendor: Symantec
Status: Firewall Vpn Appliance 200; Firewall Vpn Appliance 200r; Firewall Vpn Appliance 100
Vendor: CVE Published:; 15 March 2004

Summary

The Symantec FireWall/VPN Appliance Model 200 has a security vulnerability that records administrators' passwords in cleartext. This exacerbates security risks as such sensitive information may be cached on the administrator's local system or accessible via a proxy. Attackers exploiting this vulnerability could easily capture these passwords, potentially allowing unauthorized access to the management interface. It is critical for administrators to be aware of this issue and implement necessary security measures to mitigate the risk of credential theft.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/15212

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=107694794031839&w=2

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/9784

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Mar 15, 2004
Vulnerability Reserved
Mar 3, 2004