Symantec Altiris NS Key Unauthorized Access Vulnerability

Summary
This host is installed with Symantec Altiris Notification Server and is prone to unauthorized access vulnerability.
Impact
Successful exploitation let attackers to access certain encrypted credentials and encryption keys and also execute code, obtain sensitive information, or perform actions with elevated privileges. Impact Level: Application
Solution
Update to Symantec Altiris Notification Server 6.0 SP3 R12 For updates refer to https://kb.altiris.com/article.asp?article=46763&p=1
Insight
The flaw is due to the application using a static encryption key to encrypt and store certain credentials.
Affected
Symantec Altiris Notification Server versions 6.0.x before 6.0 SP3 R12
References