Lucene search

TrellixCVELIST:CVE-2019-3610

HistoryFeb 13, 2019 - 5:00 p.m.

CVE-2019-3610 True Key Browser Extension 3.1.9219.0 update fixes Sensitive Data Exposure vulnerability

2019-02-1317:00:00

trellix

www.cve.org

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.

CNA Affected

[
  {
    "platforms": [
      "Chrome, Edge and Firefox"
    ],
    "product": "True Key (TK)",
    "vendor": "McAfee, LLC",
    "versions": [
      {
        "lessThanOrEqual": "3.1.9211.0",
        "status": "affected",
        "version": "3.1",
        "versionType": "custom"
      }
    ]
  }
]

References

www.securityfocus.com/bid/107217

service.mcafee.com/webcenter/portal/cp/home/articleview?articleId=TS102889

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N

AI Score

5.3

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVELIST:CVE-2019-3610