CVE-2008-6828

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
VendorProductVersion
symantecaltiris_deployment_solution
𝑥
< 6.9.355
symantecaltiris_deployment_solution
6.9.355
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/31773
http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html
http://www.securityfocus.com/bid/31767
http://www.securitytracker.com/id?1021072
http://www.vupen.com/english/advisories/2008/2876
https://exchange.xforce.ibmcloud.com/vulnerabilities/46007
http://secunia.com/advisories/31773
http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html
http://www.securityfocus.com/bid/31767
http://www.securitytracker.com/id?1021072
http://www.vupen.com/english/advisories/2008/2876
https://exchange.xforce.ibmcloud.com/vulnerabilities/46007