6.5
CVE-2019-3650
- EPSS 0.32%
- Veröffentlicht 13.11.2019 23:15:11
- Zuletzt bearbeitet 21.11.2024 04:42:17
- Quelle trellixpsirt@trellix.com
- CVE-Watchlists
- Unerledigt
LoginInformation Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Mcafee ≫ Advanced Threat Defense Version < 4.8
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.32% | 0.545 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:P/I:N/A:N
|
| trellixpsirt@trellix.com | 5.3 | 3.9 | 1.4 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|