CVE-2017-15531

Summary

Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. A remote attacker can use brute force search to guess a user password and gain access to Reporter.

Affected Software

VendorProductVersion RangeStatus
Symantec CorporationReporter9.5 prior to 9.5.4.1affected
Symantec CorporationReporter10.x prior to 10.2affected

Weaknesses

  • Improper Restriction of Excessive Authentication Attempts

ADP Enrichment

CVE Program Container

Additional References

References