CVE-2019-3650

Advanced Threat Defense (ATD) - Information Disclosure vulnerability

CVSS 5.3 MEDIUMEPSS 0.9%

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Productos afectados

McAfee · Advanced Threat Defense (ATD)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://kc.mcafee.com/corporate/index?page=content&id=SB10304