Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1694

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1694
Last Modified 05 Sep 2008 04:42:05
Published 21 Sep 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1694

Summary

Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access.

Vulnerable Systems

Application

  • Symantec On Command Ccm 5.0

  • Symantec On Command Ccm 5.1

  • Symantec On Command Ccm 5.2

  • Symantec On Command Ccm 5.3

  • Symantec On Command Ccm 5.4

  • Symantec On Icommand 3.0


References

XF - oncommand-multiple-default-accounts(17447)

BID - 11225

SECUNIA - 12604

CONFIRM - http://www.sarc.com/avcenter/security/Content/2004.09.29.html

BUGTRAQ - 20040920 Default username/password pairs in ON Command CCM 5.x database


Last Updated: 27 May 2016 10:39:08