Description

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server.

Related CPE's

a

mcafee

database_security

Vulnerable

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10359

Weaknesses

[email protected]

Primary
CWE-319

[email protected]

Secondary
CWE-319

CVSS impact metrics

CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.5 · Medium

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2021-06-02T14:15:09.917

4 years ago

Last modified

2023-11-07T03:31:00.850

1 year ago