CVE-2007-2619Pcanywhere vulnerability

3 documents3 sources
Severity
4.6MEDIUMNVD
CNA2.1
EPSS
0.1%
top 70.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Pcanywhere
Timeline
PublishedMay 11
Latest updateMay 1

Description

Symantec pcAnywhere 11.5.x and 12.0.x retains unencrypted login credentials for the most recent login within process memory, which allows local administrators to obtain the credentials by reading process memory, a different vulnerability than CVE-2006-3785.

CVSS vector

AV:L/AC:L/C:C/I:N/A:NExploitability: 3.1 | Impact: 6.9

Affected Packages1 packages

NVDsymantec/pcanywhere11.5, 11.5.1, 12.0+2

Patches

Patch: securityresponse.symantec.comPatch: securitytracker.comPatch: securityresponse.symantec.com

🔴Vulnerability Details

2
GHSA
GHSA-ggm4-536h-f6c7: Symantec pcAnywhere 112022-05-01
CVEList
CVE-2007-2619: Symantec pcAnywhere 112007-05-11
CVE-2007-2619 — Symantec Pcanywhere vulnerability | cvebase