exploitDog

GHSA-97pc-gqwx-pc6q

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.

Ссылки

EPSS

Процентиль: 65%

0.00487

Низкий

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2019-3651

CVSS3: 8.8

nvd

около 6 лет назад

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.

BDU:2019-04683

CVSS3: 8.8

fstec

около 6 лет назад

Уязвимость программного средства защиты McAfee Advanced Threat Defense, связанная с отсутствием защиты служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

EPSS

Процентиль: 65%

0.00487

Низкий

CVE ID

Дефекты

CWE-200