CVE-2007-3022
N/A
N/A
Summary
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34740
- http://www.securityfocus.com/bid/24312
- http://osvdb.org/36108
- http://www.symantec.com/avcenter/security/Content/2007.06.05.html
- http://www.securitytracker.com/id?1018196
- http://www.vupen.com/english/advisories/2007/2074
- http://secunia.com/advisories/25543
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/34740
- http://www.securityfocus.com/bid/24312
- http://osvdb.org/36108
- http://www.symantec.com/avcenter/security/Content/2007.06.05.html
- http://www.securitytracker.com/id?1018196
- http://www.vupen.com/english/advisories/2007/2074
- http://secunia.com/advisories/25543
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.