CVE-2013-5008

The agent and task-agent components in Symantec Management Platform 7.0 and 7.1 before 7.1 SP2 Mp1.1v7 rollup, as used in certain Altiris products, use the same registry-entry encryption key across different customers' installations, which makes it easier for local users to obtain sensitive information about package-server access, or cause a denial of service, by leveraging knowledge of this key.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:symantec:management_platform:7.1:*:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:*:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.1:sp1:*:*:*:*:*:*
cpe:2.3:a:symantec:management_platform:7.0:sp1:*:*:*:*:*:*

Information

Published : 2013-10-10 03:55

Updated : 2013-10-10 13:10


NVD link : CVE-2013-5008

Mitre link : CVE-2013-5008


JSON object : View

CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

Advertisement

dedicated server usa

Products Affected

symantec

  • management_platform