Vulnerability Description
Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Symantec | On Command Ccm | 5.0 |
| Symantec | On Icommand | 3.0 |
References
- http://marc.info/?l=bugtraq&m=109571689621784&w=2
- http://secunia.com/advisories/12604ExploitPatchVendor Advisory
- http://www.sarc.com/avcenter/security/Content/2004.09.29.htmlVendor Advisory
- http://www.securityfocus.com/bid/11225PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17447
- http://marc.info/?l=bugtraq&m=109571689621784&w=2
- http://secunia.com/advisories/12604ExploitPatchVendor Advisory
- http://www.sarc.com/avcenter/security/Content/2004.09.29.htmlVendor Advisory
- http://www.securityfocus.com/bid/11225PatchVendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17447
FAQ
What is CVE-2004-1694?
CVE-2004-1694 is a vulnerability with a CVSS score of 7.5 (HIGH). Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access.
How severe is CVE-2004-1694?
CVE-2004-1694 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1694?
Check the references section above for vendor advisories and patch information. Affected products include: Symantec On Command Ccm, Symantec On Icommand.