Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistTrellixCVELIST:CVE-2020-7270
HistoryApr 15, 2021 - 8:05 a.m.

CVE-2020-7270 Sensitive Information Exposure in McAfee ATD

2021-04-1508:05:19
CWE-200
trellix
www.cve.org
5
mcafee
advanced threat defense
sensitive information exposure
remote authentication

CVSS3

4.9

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON

Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deployed as recommended with no direct access from the Internet to them.

CNA Affected

[
  {
    "product": "McAfee Advanced Threat Defense (ATD)",
    "vendor": "McAfee,LLC",
    "versions": [
      {
        "lessThan": "4.12.2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
nvd 1
cve 1
prion
prion
Design/Logic Flaw
2021-04-15 08:15:00
nvd
nvd
CVE-2020-7270
2021-04-15 08:15:14
cve
cve
CVE-2020-7270
2021-04-15 08:15:14

CVSS3

4.9

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

AI Score

4.7

Confidence

High

EPSS

0.001

Percentile

25.9%

JSON
Related for CVELIST:CVE-2020-7270
prion1nvd1cve1