Lucene search

TrellixCVELIST:CVE-2019-3641

HistoryNov 13, 2019 - 10:35 a.m.

CVE-2019-3641 Exploitation of Authorization in TIE Server

2019-11-1310:35:52

CWE-285

trellix

www.cve.org

CVSS3

4.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

36.9%

JSON

Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages.

CNA Affected

[
  {
    "product": "Threat Intelligence Exchange Server (TIE Server)",
    "vendor": "McAfee,LLC",
    "versions": [
      {
        "status": "affected",
        "version": "3.0.x 3.0.0"
      }
    ]
  }
]

References

kc.mcafee.com/corporate/index?page=content&id=SB10303

CVSS3

4.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N

AI Score

4.5

Confidence

High

EPSS

0.001

Percentile

36.9%

JSON

Related for CVELIST:CVE-2019-3641