Vulnerability Details CVE-2008-6828
Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.8%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/31773
- http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html
- http://www.securityfocus.com/bid/31767
- http://www.securitytracker.com/id?1021072
- http://www.vupen.com/english/advisories/2008/2876
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46007
- http://secunia.com/advisories/31773
- http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html
- http://www.securityfocus.com/bid/31767
- http://www.securitytracker.com/id?1021072
- http://www.vupen.com/english/advisories/2008/2876
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46007
Products affected by CVE-2008-6828
-
cpe:2.3:a:symantec:altiris_deployment_solution:-
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.8
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176
-
cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355