CVE-2019-3661

Advanced Threat Defense (ATD) - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVSS 8.1 HIGHEPSS 1.1%

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Produtos afetados

McAfee · Advanced Threat Defense (ATD)

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://kc.mcafee.com/corporate/index?page=content&id=SB10304