Описание
AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:altiris:deployment_server_extension_for_ibm_director:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:altiris:deployment_server_extension_for_ibm_director:5.5:*:*:*:*:*:*:*
cpe:2.3:a:altiris:deployment_server_extension_for_ibm_director:6.0:*:*:*:*:*:*:*
cpe:2.3:a:altiris:deployment_server_extension_for_ibm_director:6.1:*:*:*:*:*:*:*
cpe:2.3:a:altiris:deployment_server_extension_for_ibm_director:6.1:sp1:*:*:*:*:*:*
EPSS
Процентиль: 82%
0.01726
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
AClient.exe in Altiris Deployment Solution 6.x and 5.x does not require authentication from the first Deployment Server that it connects to, which allows remote malicious servers to gain administrator access.
EPSS
Процентиль: 82%
0.01726
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other