Vulnerability Details : CVE-2008-6828
Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.
Products affected by CVE-2008-6828
- cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.8:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp1:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.8:sp2:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.8.282:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.8.378:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.8.380:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.8.380.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.5.248:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.5.299:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9.164:*:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6:sp2:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6:sp1:*:*:*:*:*:*
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9.176:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-6828
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 15 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-6828
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:L/AC:L/Au:S/C:P/I:P/A:P |
3.1
|
6.4
|
NIST |
CWE ids for CVE-2008-6828
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-6828
-
http://www.securitytracker.com/id?1021072
-
http://www.vupen.com/english/advisories/2008/2876
Webmail: access your OVH emails on ovhcloud.com | OVHcloudPatch;Vendor Advisory
-
http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html
Patch;Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/46007
-
http://www.securityfocus.com/bid/31767
Jump to