Three vulnerabilities have been reported in Symantec Reporting Server, which can be exploited by malicious people to gain knowledge of sensitive information, bypass certain security restrictions, or manipulate certain files.
1) A certain file that is created when exporting data from the Reporting Server can be manipulated to create and execute a malicious file instead.
2) An unspecified error during a failed login attempt can be exploited to reveal a hashed version of the password.
3) Unspecified errors within the SCS Reporting Server can be exploited to disable and bypass the authentication mechanism.
The vulnerabilities reportedly affect version 126.96.36.199.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org
Subject: Symantec Reporting Server Three Vulnerabilities
No posts yet
You must be logged in to post a comment.
Secunia Customer Login
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.