← Back

CVE-2007-3022

nvd nist
Published: Jun 5, 2007Modified: Apr 23, 2026

JSON object

Loading...
4.3
Vector
AV:N/AC:M/Au:N/C:P/I:N/A:N
Exploitability: 8.6 / Impact: 2.9
Source: NVD

Description

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.

Affected (11)

Symantec
3 products
Client Security
Norton Antivirus
Reporting Server
Configuration A
11 vulnerable
Vulnerable SoftwareAffected Versions
Symantec
Client Security
Version 3.1.394
Client Security
Version 3.1.396
Client Security
Version 3.1.400
Client Security
Version 3.1.401
Client Security
Version 3.1
Symantec
Norton Antivirus
Version 10.0.2.2021
Norton Antivirus
Version 10.1.396
Norton Antivirus
Version 10.1.400
Norton Antivirus
Version 10.1.401
Norton Antivirus
Version 10.1
Reporting Server
Up to 1.0.197.0

References (14)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.