CVE-2007-3095

Unspecified vulnerability in Symantec Reporting Server 1.0.197.0, and other versions before 1.0.224.0, as used in Symantec Client Security 3.1 and later, and Symantec AntiVirus Corporate Edition (SAV CE) 10.1 and later, allows attackers to "disable the authentication system" and bypass authentication via unknown vectors.

Published: Jun 7, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-3095
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
symantec / norton_antivirus	10.1	10.1.x
symantec / norton_antivirus	10.1.400	10.1.400.x
symantec / norton_antivirus	10.1.401	10.1.401.x
symantec / client_security	3.1.396	3.1.396.x
symantec / norton_antivirus	10.1.396	10.1.396.x
symantec / client_security	3.1.401	3.1.401.x
symantec / client_security	3.1.400	3.1.400.x
symantec / reporting_server	-	1.0.197.0.x
symantec / client_security	3.1	3.1.x
symantec / client_security	3.1.394	3.1.394.x
symantec / norton_antivirus	10.0.2.2021	10.0.2.2021.x

Vulnerability Database

289,697

CVE-2007-3095