3 matches found
McAfee Security Scan Plus < 3.11.599.3 LiveSafe Non-certificate-based Authentication HTTP Backend-response Handling MitM Registry Value Manipulation (TS102723)
The version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.599.3. It is, therefore, affected by a flaw in the non-certificate-based authentication mechanism that is triggered during the handling of HTTP backend-responses. This may allow a man-in-the-middle...
CVE-2017-3898
A man-in-the-middle attack vulnerability in the non-certificate-based authentication mechanism in McAfee LiveSafe MLS versions prior to 16.0.3 allows network attackers to modify the Windows registry value associated with the McAfee update via the HTTP backend-response...
CVE-2017-3898
CVE-2017-3898 affects McAfee LiveSafe (MLS) prior to 16.0.3 and is tied to a MitM flaw in the non‑certificate‑based authentication used during HTTP backend responses. An attacker on the network could manipulate the Windows registry value associated with McAfee updates, potentially enabling remote...