Описание
Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.
Ссылки
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Broken LinkVendor Advisory
- Broken LinkThird Party AdvisoryVDB Entry
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:*
cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:*
EPSS
Процентиль: 59%
0.00377
Низкий
4.8 Medium
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
почти 4 года назад
Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.
EPSS
Процентиль: 59%
0.00377
Низкий
4.8 Medium
CVSS2
Дефекты
CWE-287