CVE-2008-1754

CWE-3103 documents3 sources
Severity
1.7LOW
EPSS
0.1%
top 75.75%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Altiris Deployment Solution
Timeline
PublishedApr 11
Latest updateMay 1

Description

Symantec Altiris Deployment Solution before 6.9.164 stores the Deployment Solution Agent (aka AClient) password in cleartext in memory, which allows local users to obtain sensitive information by dumping the AClient.exe process memory.

CVSS vector

AV:L/AC:L/C:P/I:N/A:NExploitability: 3.1 | Impact: 2.9

Affected Packages1 packages

Patches

Patch: securityresponse.symantec.comPatch: securityresponse.symantec.com

🔴Vulnerability Details

2
GHSA
GHSA-8j7c-jhc4-6fcv: Symantec Altiris Deployment Solution before 62022-05-01
CVEList
CVE-2008-1754: Symantec Altiris Deployment Solution before 62008-04-11
CVE-2008-1754 (LOW CVSS 1.7) | Symantec Altiris Deployment Solutio | cvebase.io