Description
Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
References (5)
Core 5
Core References
Mailing List mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2004-February/017414.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15212
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107694794031839&w=2
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/9784
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/4117
Scores
EPSS
0.0075
EPSS Percentile
73.4%
Details
Status
published
Products (3)
symantec/firewall_vpn_appliance_100
symantec/firewall_vpn_appliance_200
symantec/firewall_vpn_appliance_200r
Published
Mar 15, 2004
Tracked Since
Feb 18, 2026