Lucene search

TrellixCVELIST:CVE-2019-3666

HistoryDec 03, 2019 - 10:55 a.m.

CVE-2019-3666 API Abuse Vulnerability

2019-12-0310:55:16

trellix

www.cve.org

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

50.7%

JSON

API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site.

CNA Affected

[
  {
    "product": "McAfee Web Advisor (WA)",
    "vendor": "McAfee, LLC",
    "versions": [
      {
        "lessThan": "Prior to 4.1.1.48",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

service.mcafee.com/FAQDocument.aspx?&id=TS102991

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

50.7%

JSON

Related for CVELIST:CVE-2019-3666