VULHUB ™

Reportedly Symantec ON Command CCM is affected by a remote default password vulnerability in the underlying database. This issue is due to a design error in the application that provides a number of default usernames and passwords, some of which cannot be changed. A attacker may exploit these issues to gain full access to the underlying database. This will allow attackers to view plaintext user credentials as well as other sensitive data.

Reportedly Symantec ON Command CCM is affected by a remote default password vulnerability in the underlying database. This issue is due to a design error in the application that provides a number of default usernames and passwords, some of which cannot be changed. A attacker may exploit these issues to gain full access to the underlying database. This will allow attackers to view plaintext user credentials as well as other sensitive data.