The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow malicious users to gain privileges or prevent Discovery from running by setting another password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
symantec on command discovery web_4.5 |
||
symantec discovery 6.0 |
||
symantec on command discovery standard_4.5 |