Lucene search
MitreCVE-2009-3107HistorySep 08, 2009 - 11:30 p.m.
CVE-2009-3107
2009-09-0823:30:00
CWE-287
mitre
web.nvd.nist.gov
30
symantec
altiris
deployment solution
authentication bypass
remote attackers
security vulnerability
CVSS2
4.8
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
AI Score
7.2
Confidence
Low
EPSS
0.002
Percentile
54.3%
Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.
Affected configurations
Node
symantecaltiris_deployment_solutionMatch6.9
ORsymantecaltiris_deployment_solutionMatch6.9sp1
ORsymantecaltiris_deployment_solutionMatch6.9sp2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| symantec | altiris_deployment_solution | 6.9 | cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:* |
| symantec | altiris_deployment_solution | 6.9 | cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp1:*:*:*:*:*:* |
| symantec | altiris_deployment_solution | 6.9 | cpe:2.3:a:symantec:altiris_deployment_solution:6.9:sp2:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2009-3107
2009-09-08 23:30:00
cvelist
cvelist
CVE-2009-3107
2009-09-08 23:00:00
nessus
nessus
prion
prion
Authentication flaw
2009-09-08 23:30:00
symantec
symantec
Symantec Altiris Deployment Solution Multiple Vulnerabilities
2009-08-26 08:00:00
CVSS2
4.8
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:L/Au:N/C:P/I:P/A:N
AI Score
7.2
Confidence
Low
EPSS
0.002
Percentile
54.3%
Related for CVE-2009-3107