Symantec Discovery Web Accounts Null Password
1077
06 March 2020
24 October 2005
CLOSED
MEDIUM
SUMMARY
Risk Impact
Medium
Remote Access | Yes
Local Access | Yes
Authentication Required | No
Exploit publicly available | NA
AFFECTED PRODUCTS
Product | Version | Solution
ON Command Discovery Standard Edition | 4.5.x |
ON Command Discovery Web Edition | 4.5.x |
Symantec Discovery | 6.0 |
Note: Product versions prior to 4.5.2 are no longer supported and updates are not available. Users of Symantec Discovery versions prior to 4.5.2 are encouraged to upgrade to a newer, supported product version.
ADDITIONAL PRODUCT INFORMATION
Product | Version | Build
Version of Symantec Discovery installed without the web application | All | All
ISSUES
Details
Symantec engineers have identified that during installation of Symantec Discovery, two database accounts, DiscoveryWeb and DiscoveryRO, are created with null passwords. Assigning a password to the DiscoveryWeb account will disable Symantec Discovery in its current configuration.
MITIGATION
Symantec Response
A patch has been created to allow the DiscoveryWeb database account to be password protected. The DiscoveryRO account is only used in conjunction with the heat interface. It is recommended that this database account be removed unless used in conjunction with the heat interface. Scripts are also available for removing or adding the DiscoveryRO account.
The patch and installation instructions are available from the Symantec website.
For ON Command Discovery Standard Edition:
http://www.symantec.com/techsupp/enterprise/products/oncmd/cmd_dis_std_45x/files.html
For ON Command Discovery Web Edition:
http://www.symantec.com/techsupp/enterprise/products/oncmd/cmd_dis_web_45x/files.html
For Symantec Discovery 6.0:
http://www.symantec.com/techsupp/enterprise/products/sdis/sdis_6x/files.html
Symantec is not aware of any active attempts against or organizations impacted by this issue.
As a part of normal best practices, users should keep vendor-supplied patches for all application software and operating systems up-to-date. Symantec strongly recommends any affected customers update their product immediately to protect against these types of threats.
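To confirm whether the two accounts named in this advisory still have blank passwords, an administrator can run an audit query such as the one below. It is an added example, not part of Symantec's advisory, patch or scripts; it assumes the Discovery database is hosted on Microsoft SQL Server 2005 or later (the advisory does not name the database engine), that both accounts are SQL Server logins, and that the query is run with rights to read password hashes.

```sql
-- Added audit example (not Symantec's script).
-- Assumptions: Microsoft SQL Server 2005+, accounts exist as SQL logins,
-- caller may read sys.sql_logins.password_hash (e.g. sysadmin).
-- Only the two login names and the recommended actions come from the advisory.
WITH advisory_accounts (login_name, advisory_action) AS (
    SELECT 'DiscoveryWeb',
           'Apply the vendor patch first; setting a password without it disables the product'
    UNION ALL
    SELECT 'DiscoveryRO',
           'Remove unless used in conjunction with the heat interface'
)
SELECT
    a.login_name,
    -- LEFT JOIN keeps the row even when the login was already removed
    CASE WHEN l.name IS NULL THEN 'not present' ELSE 'present' END AS login_state,
    CASE
        WHEN l.name IS NULL                      THEN 'n/a'
        WHEN PWDCOMPARE('', l.password_hash) = 1 THEN 'BLANK'   -- matches the empty password
        ELSE 'set'
    END AS password_state,
    CASE
        WHEN l.is_disabled = 1 THEN 'yes'
        WHEN l.is_disabled = 0 THEN 'no'
        ELSE 'n/a'
    END AS login_disabled,
    a.advisory_action
FROM advisory_accounts AS a
LEFT JOIN sys.sql_logins AS l
       ON l.name = a.login_name
ORDER BY a.login_name;
```

A row showing `present` with `BLANK` means the condition described under ISSUES still applies on that server; rerun the query after applying the patch or removing DiscoveryRO to verify the result.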