Description
Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/17447
Patch, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/11225
Vendor Advisory x_refsource_confirm
http://www.sarc.com/avcenter/security/Content/2004.09.29.html
Exploit, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/12604
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=109571689621784&w=2
Scores
EPSS
0.0136
EPSS Percentile
80.4%
Details
Status
published
Products (6)
symantec/on_command_ccm
5.0
symantec/on_command_ccm
5.1
symantec/on_command_ccm
5.2
symantec/on_command_ccm
5.3
symantec/on_command_ccm
5.4
symantec/on_icommand
3.0
Published
Sep 21, 2004
Tracked Since
Feb 18, 2026