Symantec ON Command CCM Remote Database Default Password Vulnerability

Symantec ON Command CCM Remote Database Default Password Vulnerability

Reportedly Symantec ON Command CCM is affected by a remote default password vulnerability in the underlying database. This issue is due to a design error in the application that provides a number of default usernames and passwords, some of which cannot be changed.

A attacker may exploit these issues to gain full access to the underlying database. This will allow attackers to view plaintext user credentials as well as other sensitive data.