Lucene search

[email protected]NVD:CVE-2009-3107

HistorySep 08, 2009 - 11:30 p.m.

CVE-2009-3107

2009-09-0823:30:00

CWE-287

[email protected]

web.nvd.nist.gov

4.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:P/A:N

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.3%

JSON

Symantec Altiris Deployment Solution 6.9.x before 6.9 SP3 Build 430 does not properly restrict access to the listening port for the DBManager service, which allows remote attackers to bypass authentication and modify tasks or the Altiris Database via a connection to this service.

Affected configurations

NVD

Node

symantecaltiris_deployment_solutionMatch6.9

symantecaltiris_deployment_solutionMatch6.9sp1

symantecaltiris_deployment_solutionMatch6.9sp2

References

secunia.com/advisories/36502

www.securityfocus.com/bid/36110

www.securitytracker.com/id?1022779

www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2009&suid=20090826_00

4.8 Medium

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:P/A:N

7 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

54.3%

JSON

Related for NVD:CVE-2009-3107

cve1 cvelist1 nessus2 prion1 symantec1