CVE-2007-3022

N/A Unknown

Published: June 05, 2007 Modified: April 23, 2026

Description

Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, displays the password hash for a user after a failed login attempt, which makes it easier for remote attackers to conduct brute force attacks.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://osvdb.org/36108

Source: cve@mitre.org

http://secunia.com/advisories/25543

Source: cve@mitre.org

http://www.securityfocus.com/bid/24312

Source: cve@mitre.org

http://www.securitytracker.com/id?1018196

Source: cve@mitre.org

http://www.symantec.com/avcenter/security/Content/2007.06.05.html

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2007/2074

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/34740

Source: cve@mitre.org

http://osvdb.org/36108

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/25543

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/24312

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1018196

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.symantec.com/avcenter/security/Content/2007.06.05.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.vupen.com/english/advisories/2007/2074

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/34740

Source: af854a3a-2127-422b-91ae-364da2661108

14 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

1.0%

77th percentile

Exploitation Status

Not in CISA KEV

Affected Vendors

symantec