CVE-2008-6828

Published: Jun 8, 2009Modified: Apr 23, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.

Affected (2)

Products: Symantec: Altiris Deployment Solution

Symantec

1 product

Altiris Deployment Solution

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Symantec Altiris Deployment Solution	Before 6.9.355
Symantec Altiris Deployment Solution	Version 6.9.355

Related CWEs

CWE-312

Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References (12)

http://secunia.com/advisories/31773

Source: cve@mitre.org

Broken LinkVendor Advisory

http://securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.html

Source: cve@mitre.org

Broken LinkPatchVendor Advisory

http://www.securityfocus.com/bid/31767

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id?1021072

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://www.vupen.com/english/advisories/2008/2876

Source: cve@mitre.org

Broken LinkPatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/46007

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://secunia.com/advisories/31773