High severity7.8NVD Advisory· Published Jun 8, 2009· Updated Apr 23, 2026

CVE-2008-6828

Description

Symantec Altiris Deployment Solution 6.x before 6.9.355 SP1 stores the Application Identity Account password in memory in cleartext, which allows local users to gain privileges and modify clients of the Deployment Solution Server.

Affected products

Symantec/Altiris Deployment Solution2 versions
cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:symantec:altiris_deployment_solution:*:*:*:*:*:*:*:*range: <6.9.355
- cpe:2.3:a:symantec:altiris_deployment_solution:6.9.355:-:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

securityresponse.symantec.com/avcenter/security/Content/2008.10.20b.htmlnvdBroken LinkPatchVendor Advisory
www.vupen.com/english/advisories/2008/2876nvdBroken LinkPatchVendor Advisory
secunia.com/advisories/31773nvdBroken LinkVendor Advisory
www.securityfocus.com/bid/31767nvdBroken LinkThird Party AdvisoryVDB Entry
www.securitytracker.com/idnvdBroken LinkThird Party AdvisoryVDB Entry
exchange.xforce.ibmcloud.com/vulnerabilities/46007nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000