Описание
Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deployed as recommended with no direct access from the Internet to them.
Ссылки
- Broken LinkVendor Advisory
- Broken LinkVendor Advisory
Уязвимые конфигурации
EPSS
4.9 Medium
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
Связанные уязвимости
Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deployed as recommended with no direct access from the Internet to them.
EPSS
4.9 Medium
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2