Lucene search

[email protected]NVD:CVE-2019-3650

HistoryNov 13, 2019 - 11:15 p.m.

CVE-2019-3650

2019-11-1323:15:11

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.002

Percentile

55.9%

JSON

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.

Affected configurations

Nvd

Node

mcafeeadvanced_threat_defenseRange<4.8

VendorProductVersionCPE
mcafeeadvanced_threat_defense*cpe:2.3:a:mcafee:advanced_threat_defense:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
mcafee	advanced_threat_defense	*	cpe:2.3:a:mcafee:advanced_threat_defense::::::::

References

kc.mcafee.com/corporate/index?page=content&id=SB10304

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

AI Score

5.2

Confidence

High

EPSS

0.002

Percentile

55.9%

JSON

Related for NVD:CVE-2019-3650

cvelist1 prion1 cve1