Symantec ON Command CCM 5.4.x and iCommand 3.0.x has four default usernames and passwords, one of which is hardcoded, which allows remote attackers to gain unauthorized access.
| Software | From | Fixed in |
|---|---|---|
| symantec / on_command_ccm | 5.0 | 5.0.x |
| symantec / on_command_ccm | 5.1 | 5.1.x |
| symantec / on_command_ccm | 5.2 | 5.2.x |
| symantec / on_command_ccm | 5.3 | 5.3.x |
| symantec / on_command_ccm | 5.4 | 5.4.x |
| symantec / on_icommand | 3.0 | 3.0.x |