Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-1644
HistoryMar 29, 2014 - 1:55 a.m.

CVE-2014-1644

2014-03-2901:55:00
CWE-255
[email protected]
web.nvd.nist.gov
32
cve-2014-1644
symantec
liveupdate administrator
security vulnerability
password reset
remote attackers

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.861 High

EPSS

Percentile

98.6%

JSON

The forgotten-password feature in forcepasswd.do in the management GUI in Symantec LiveUpdate Administrator (LUA) 2.x before 2.3.2.110 allows remote attackers to reset arbitrary passwords by providing the e-mail address associated with a user account.

Related

checkpoint_advisories 1
seebug 1
prion 1
nessus 1
securityvulns 2
openvas 1
symantec 1
checkpoint_advisories
checkpoint_advisories
Symantec LiveUpdate Administrator Security Bypass (CVE-2014-1644)
2014-04-13 00:00:00
seebug
seebug
Symantec LiveUpdate AdministratorๆœชๆŽˆๆƒ่ฎฟ้—ฎๆผๆดž
2014-03-31 00:00:00
prion
prion
Default credentials
2014-03-29 01:55:00
nessus
nessus
Symantec LiveUpdate Administrator < 2.3.2.110 Multiple Vulnerabilities (SYM14-005)
2014-03-31 00:00:00
securityvulns
securityvulns
SEC Consult SA-20140328-0 :: Multiple vulnerabilities in Symantec LiveUpdate Administrator
2014-03-31 00:00:00
Symantec LiveUpdate Administrator security vulnerabilities
2014-03-31 00:00:00
openvas
openvas
Symantec LiveUpdate Administrator Multiple Vulnerabilities
2014-04-03 00:00:00
symantec
symantec
Symantec LiveUpdate Administrator Unauthenticated/Unauthorized Account Access Modification and SQL i
2014-03-27 08:00:00

6.7 Medium

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.861 High

EPSS

Percentile

98.6%

JSON
Related for CVE-2014-1644
checkpoint_advisories1seebug1prion1nessus1securityvulns2openvas1symantec1