Symantec engineers have identified that during installation of Symantec Discovery, two database accounts, DiscoveryWeb and DiscoveryRO, are created with null passwords. Assigning a password to the DiscoveryWeb account will disable Symantec Discovery in its current configuration.
Symantec Response
A patch has been created to allow the DiscoveryWeb database account to be password protected. The DiscoveryRO account is only used in conjunction with the heat interface. It is recommended that this database account be removed unless it is used in conjunction with the heat interface. Scripts are also available for removing or adding the DiscoveryRO account.
The patch and installation instructions are available from the Symantec website.
For ON Command Discovery Standard Edition:
http://www.symantec.com/techsupp/enterprise/products/oncmd/cmd_dis_std_45x/files.html
For ON Command Discovery Web Edition:
http://www.symantec.com/techsupp/enterprise/products/oncmd/cmd_dis_web_45x/files.html
For Symantec Discovery 6.0:
http://www.symantec.com/techsupp/enterprise/products/sdis/sdis_6x/files.html
Symantec is not aware of any active attempts against or organizations impacted by this issue.
As a part of normal best practices, users should keep vendor-supplied patches for all application software and operating systems up to date. Symantec strongly recommends that any affected customers update their product immediately to protect against these types of threats.