5 matches found
CVE-2021-23896
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security DBSec prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to...
Design/Logic Flaw
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security DBSec prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to...
CVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...
CVE-2021-23895 Authorized deserialization of untrusted data in McAfee DBSec
Deserialization of untrusted data vulnerability in McAfee Database Security DBSec prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server...
CVE-2021-23894
CVE-2021-23894 describes a deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to version 4.8.2. The issue allows a remote unauthenticated attacker to trigger a reverse shell with administrator privileges on the DBSec server by sending a carefully constructed...