CVE-2007-3022

Name of the Vulnerable Software and Affected Versions: Symantec Reporting Server versions 1.0.197.0 through 1.0.223.0 Symantec Client Security versions 3.1 and later (affected versions not specified) Symantec AntiVirus Corporate Edition (SAV CE) versions 10.1 and later (affected versions not specified)

Description: The issue allows remote attackers to more easily conduct brute force attacks due to the display of a user's password hash after a failed login attempt.

Recommendations: For Symantec Reporting Server versions 1.0.197.0 through 1.0.223.0, update to version 1.0.224.0 or later. For Symantec Client Security and Symantec AntiVirus Corporate Edition, at the moment, there is no information about a newer version that contains a fix for this vulnerability.