Description

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server.

Related CPE's

a

mcafee

database_security

Vulnerable

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10359

https://kc.mcafee.com/corporate/index?page=content&id=SB10359

Weaknesses

[email protected]

Secondary
CWE-319

[email protected]

Primary
CWE-319

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N

3.2 · Low

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-06-02T12:15:09.917Z

4 years ago

Last modified

2024-11-21T04:52:01.510Z

1 year ago