CVE-2019-9697

Summary

An information disclosure vulnerability in the Management Center (MC) REST API 2.0, 2.1, and 2.2 prior to 2.2.2.1 allows a malicious authenticated user to obtain passwords for external backup and CPL policy import servers that they might not otherwise be authorized to access.

Affected Software

VendorProductVersion RangeStatus
Symantec CorporationManagement Center (MC)2.0affected
Symantec CorporationManagement Center (MC)2.1affected
Symantec CorporationManagement Center (MC)2.2 prior to 2.2.2.1affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References