[原文]Symantec FireWall/VPN Appliance model 200 records a cleartext password for the password administration page, which may be cached on the administrator's local system or in a proxy, which allows attackers to steal the password and gain privileges.
Symantec Firewall / VPN Appliance Exposure of Password
Physical Access Required
Loss of Confidentiality
Symantec Firewall and VPN appliances contain a flaw that may lead to an unauthorized password exposure. The problem is that passwords are entered in plaintext without being masked in a HTML form. Hence it allows other people with physical access to see a password when it is entered, which may lead to a loss of confidentiality.
Currently, there are no known workarounds or upgrades to correct this issue. However, Symantec has released a patch to address this vulnerability.