CVE-2009-3107

CWE-287Improper Authentication3 documents3 sources
Severity
4.8MEDIUM
EPSS
0.5%
top 33.54%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Symantec Altiris Deployment Solution
Timeline
PublishedSep 8
Latest updateMay 2

Description

Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.

CVSS vector

AV:A/AC:L/C:P/I:P/A:NExploitability: 6.5 | Impact: 4.9

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-fc3j-3f83-7fhr: Symantec Altiris Deployment Solution 62022-05-02
CVEList
CVE-2009-3107: Symantec Altiris Deployment Solution 62009-09-08
CVE-2009-3107 (MEDIUM CVSS 4.8) | Symantec Altiris Deployment Solutio | cvebase.io