CVE-2008-6828

CWE-312Cleartext Storage of Sensitive Info3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 86.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Altiris Deployment Solution
Timeline
PublishedJun 8
Latest updateMay 17

Description

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

Patches

Patch: securityresponse.symantec.comPatch: www.vupen.comPatch: securityresponse.symantec.com

🔴Vulnerability Details

2
GHSA
GHSA-mw3c-p8vx-hf5q: Symantec Altiris Deployment Solution 62022-05-17
CVEList
CVE-2008-6828: Symantec Altiris Deployment Solution 62009-06-08
CVE-2008-6828 (HIGH CVSS 7.8) | Symantec Altiris Deployment Solutio | cvebase.io