CVE-2019-3650

Advanced Threat Defense (ATD) - Information Disclosure vulnerability

CVSS 5.3 MEDIUMEPSS 0.9%

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Produtos afetados

McAfee · Advanced Threat Defense (ATD)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://kc.mcafee.com/corporate/index?page=content&id=SB10304