CVE-2019-3606

EPSS 0.03%
Veröffentlicht 26.03.2019 18:29:00
Zuletzt bearbeitet 21.11.2024 04:42:14
Quelle trellixpsirt@trellix.com
CVE-Watchlists
Login
Unerledigt
Login

Data leakage when in an MDR pair by McAfee Network Security Manager 9.x

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 5

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mcafee ≫ Network Security Manager Version >= 9.1 < 9.1.7.75

Mcafee ≫ Network Security Manager Version >= 9.2 < 9.2.7.31

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.048

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.1	0.5	3.6	CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
nvd@nist.gov	1.9	3.4	2.9	AV:L/AC:M/Au:N/C:P/I:N/A:N
trellixpsirt@trellix.com	7.7	1.1	6	CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

CWE-312 Cleartext Storage of Sensitive Information

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

http://www.securityfocus.com/bid/107613

https://kc.mcafee.com/corporate/index?page=content&id=SB10274

https://nvd.nist.gov/vuln/detail/CVE-2019-3606

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-3606

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-3606

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2019-3606