PT-2005-4127 · Symantec · Symantec Discovery

Published

2005-10-27

Updated

2013-07-07

CVE-2005-3316

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Symantec Discovery versions 4.5.x through 6.0

Description The issue arises from the installation process of Symantec Discovery, which creates the DiscoveryWeb and DiscoveryRO database accounts with null passwords. This could potentially allow attackers to gain privileges or disrupt the operation of Discovery by setting another password.

Recommendations For Symantec Discovery versions 4.5.x through 6.0, consider setting strong passwords for the DiscoveryWeb and DiscoveryRO database accounts as soon as possible after installation to prevent unauthorized access.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-3316

Affected Products

Symantec Discovery

PT-2005-4127 · Symantec · Symantec Discovery

CVE-2005-3316

Related Identifiers

Affected Products

References · 6