Lucene search

TrellixCVELIST:CVE-2019-3612

HistoryApr 10, 2019 - 8:10 p.m.

CVE-2019-3612 Information disclosure vulnerability in McAfee TIE Server and DXL Platform

2019-04-1020:10:39

trellix

www.cve.org

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

4.5

Confidence

High

EPSS

Percentile

12.6%

JSON

Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.

CNA Affected

[
  {
    "product": "Data eXchange Layer (DXL) Platform",
    "vendor": "McAfee, LLC",
    "versions": [
      {
        "lessThan": "5.0.1 HF2",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "Threat Intelligence Exchange (TIE) Server",
    "vendor": "McAfee, LLC",
    "versions": [
      {
        "lessThan": "2.3.1 HF1",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

kc.mcafee.com/corporate/index?page=content&id=SB10279

CVSS3

8.2

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

AI Score

4.5

Confidence

High

EPSS

Percentile

12.6%

JSON

Related for CVELIST:CVE-2019-3612