Symantec Storage Foundation VxSchedService.EXE Scheduler Service Authentication Bypass Vulnerability

Symantec Storage Foundation VxSchedService.EXE Scheduler Service Authentication Bypass Vulnerability

Symantec Storage Foundation is prone to an authentication-bypass vulnerability.

Attackers may exploit this issue to bypass the authentication mechanism in the management console and gain access to the scheduler service socket. This will allow attackers to add arbitrary commands to be executed during normal scheduled runs, compromising affected computers.

Since the affected service is not commonly exposed to unauthorized network hosts, the attacker must have local network access to exploit this issue.

This issue affects Symantec Storage Foundation 5.0 for Windows.