Symantec.Altiris.Deployment.Domain.Credential.Disclosure
Description
This indicates an attempt to exploit a domain-credential-disclosure vulnerability in Symantec Altiris Deployment Solution.
This vulnerability is due to a design error in the way the input domain is sanitized. A remote attacker with authorized network access can request administrative encrypted credential. Due to a weaknesses in the encryption, this issue may result in the unauthorized exposure of the domain credentials.
Affected Products
Symantec Altiris Deployment Solution 6.8.x & 6.9.x
All builds prior to 6.9.176
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Update to Symantec Altiris Deployment Solution 6.9.176 from
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |