Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Symantec Discovery Web帐号默认口令漏洞
Vulnerability Description
Symantec Discovery是用于跟踪企业硬件和软件资产的解决方案。 Symantec Discovery存在默认的帐号和口令,成功利用这个漏洞的本地或远程攻击者可以无需有效口令便访问数据库。在安装Symantec Discovery时以空口令创建了两个数据库帐号DiscoveryWeb和DiscoveryRO。为DiscoveryWeb帐号分配口令会在当前配置中禁用Symantec Discovery。
CVSS Information
N/A
Vulnerability Type
N/A