Description


Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server.

Related CPE's


Weaknesses



CWE-319


CWE-319

CVSS impact metrics


CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information


Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-06-02T14:15:09.917

4 years ago

Last modified

2023-11-07T03:31:00.850

1 year ago