Mcafee

Database Security

8 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2021-31850

  • EPSS 0.29%
  • Published 08.12.2021 11:15:11
  • Last modified 21.11.2024 06:06:21

A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectl...

4.8

CVE-2021-31830

  • EPSS 0.43%
  • Published 03.06.2021 11:15:08
  • Last modified 21.11.2024 06:06:18

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monit...

6.5

CVE-2021-31831

  • EPSS 0.32%
  • Published 03.06.2021 10:15:07
  • Last modified 21.11.2024 06:06:18

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative co...

4.5

CVE-2021-23896

  • EPSS 0.05%
  • Published 02.06.2021 14:15:09
  • Last modified 21.11.2024 05:52:01

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data t...

9

CVE-2021-23895

  • EPSS 1.41%
  • Published 02.06.2021 13:15:12
  • Last modified 21.11.2024 05:52:01

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java seria...

10

CVE-2021-23894

  • EPSS 4.28%
  • Published 02.06.2021 13:15:11
  • Last modified 21.11.2024 05:52:01

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java ser...

6.3

CVE-2020-7339

  • EPSS 0.02%
  • Published 10.12.2020 00:15:16
  • Last modified 21.11.2024 05:37:05

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept commu...

6.8

CVE-2019-3615

  • EPSS 0.05%
  • Published 12.03.2019 21:29:00
  • Last modified 21.11.2024 04:42:15

Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen.