CVE-2008-6828

7.8HIGH

Key Information:

Vendor: Symantec
Status: Altiris Deployment Solution
Vendor: CVE Published:; 8 June 2009

Summary

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.

References

http://securityresponse.symantec.com/avcenter/security/Co...

x_refsource_CONFIRM

http://secunia.com/advisories/31773

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/46007

vdb-entryx_refsource_XF

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 8, 2009
Vulnerability Reserved
Jun 8, 2009