4.3
CVE-2007-3022
- EPSS 2.05%
- Veröffentlicht 05.06.2007 21:30:00
- Zuletzt bearbeitet 16.06.2026 22:40:53
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Symantec ≫ Client Security Version3.1
Symantec ≫ Client Security Version3.1.394
Symantec ≫ Client Security Version3.1.396
Symantec ≫ Client Security Version3.1.400
Symantec ≫ Client Security Version3.1.401
Symantec ≫ Norton Antivirus Version10.0.2.2021 Editioncorporate
Symantec ≫ Norton Antivirus Version10.1 Editioncorporate
Symantec ≫ Norton Antivirus Version10.1.396 Editioncorporate
Symantec ≫ Norton Antivirus Version10.1.400 Editioncorporate
Symantec ≫ Norton Antivirus Version10.1.401 Editioncorporate
Symantec ≫ Reporting Server Version <= 1.0.197.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.05% | 0.788 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/25543
http://www.securitytracker.com/id?1018196
http://www.vupen.com/english/advisories/2007/2074
http://osvdb.org/36108
http://www.securityfocus.com/bid/24312
http://www.symantec.com/avcenter/security/Content/2007.06.05.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/34740