CVE-2006-1284

3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.2%

top 52.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Symantec Ghost Solutions Suite Symantec Norton Ghost

Timeline

PublishedMar 19

Latest updateMay 1

Description

The installation of SQLAnywhere in Symantec Ghost 8.0 and 8.2, as used in Symantec Ghost Solutions Suite (SGSS) 1.0, includes a default administrator login account and password, which allows local users to gain privileges or modify tasks.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDsymantec/ghost_solutions_suite1.0

▶NVDsymantec/norton_ghost8.0, 8.2+1

🔴Vulnerability Details

GHSA

GHSA-rgxp-gcj8-82q9: The installation of SQLAnywhere in Symantec Ghost 8↗2022-05-01

▶

CVEList

CVE-2006-1284: The installation of SQLAnywhere in Symantec Ghost 8↗2006-03-19

▶