Lucene search
K
McafeeAdvanced Threat Defense

26 matches found

CVE
CVE
added 2019/09/11 2:8 p.m.89 views

CVE-2019-3644

CVE-2019-9517 is a denial-of-service vulnerability in McAfee Web Gateway (MWG) scanners exposed in MWG versions before 7.8.2.13. The issue arises from unconstrained interal data buffering in HTTP/2, where an attacker can flood a connection with requests and exhaust resources on the server. Affect...

7.5CVSS7.7AI score0.27004EPSS
CVE
CVE
added 2019/09/11 2:8 p.m.76 views

CVE-2019-3643

CVE-2019-3643 relates to McAfee Web Gateway (MWG) older than 7.8.2.13 and is described as vulnerable to CVE-2019-9511, potentially causing a denial of service. The Connected documents provide no additional MWG-specific technical details, remediation, or confirmed exploit information in this set. ...

7.5CVSS6.7AI score0.58373EPSS
CVE
CVE
added 2019/11/13 11:50 p.m.73 views

CVE-2019-3663

The CVE-2019-3663 issue affects McAfee Advanced Threat Defense (ATD) prior to version 4.8. It arises from unprotected storage of credentials, enabling a local attacker to read the root password from sensitive files; the root password is common across ATD deployments prior to 4.8. CVSS assessments...

9.8CVSS7.9AI score0.00907EPSS
CVE
CVE
added 2017/03/14 10:0 p.m.60 views

CVE-2017-3899

Vulnerability: CVE-2017-3899 affects Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier. Root cause: SQL injection via a crafted HTTP request parameter, leading to disclosure of product information. Impact: partial confidentiality loss; remote authenticated users can obtain info...

6.5CVSS6.2AI score0.01701EPSS
CVE
CVE
added 2015/04/08 6:0 p.m.58 views

CVE-2015-3029

CVE-2015-3029 affects McAfee Advanced Threat Defense (MATD) before version 3.4.4.63. The web interface does not properly restrict access, allowing remote authenticated users to obtain sensitive information via unspecified vectors (information disclosure). Affected product/version: MATD

4CVSS5.8AI score0.00966EPSS
CVE
CVE
added 2017/07/12 3:0 p.m.58 views

CVE-2017-4053

CVE-2017-4053 affects McAfee Advanced Threat Defense (ATD) web interface, with command injection in the HTTP parameter of ATD versions 3.10, 3.8, 3.6 and 3.4. The vulnerability allows remote unauthenticated attackers to execute arbitrary commands via a crafted request. Connected documents corrobo...

9.8CVSS9.6AI score0.03387EPSS
CVE
CVE
added 2015/04/08 6:0 p.m.57 views

CVE-2015-3030

CVE-2015-3030 affects McAfee Advanced Threat Defense (MATD) web interface prior to version 3.4.4.63. The vulnerability allows remote authenticated users to obtain sensitive configuration information via unspecified vectors (information disclosure). Impact is limited to disclosure of configuration...

4CVSS5.9AI score0.00966EPSS
CVE
CVE
added 2015/04/08 6:0 p.m.56 views

CVE-2015-3028

The CVE-2015-3028 entry affects McAfee Advanced Threat Defense (MATD) versions prior to 3.4.4.63. The issue allows remote authenticated users to bypass intended restrictions and change or update configuration settings via crafted parameters, indicating an access-control weakness that enables conf...

5.5CVSS6.5AI score0.01007EPSS
CVE
CVE
added 2017/07/12 3:0 p.m.56 views

CVE-2017-4055

CVE-2017-4055 affects McAfee Advanced Threat Defense (ATD) Web Interface, with versions 3.10, 3.8, 3.6, and 3.4. The issue is a vulnerability in authentication/authorization enforcement that lets remote unauthenticated users bypass ATD detection via loose authentication checks, enabling bypass of...

7.5CVSS7.8AI score0.01245EPSS
CVE
CVE
added 2021/04/15 8:0 a.m.56 views

CVE-2020-7269

The CVE-2020-7269 issue affects McAfee Advanced Threat Defense (ATD) web interface: versions prior to 4.12.2 expose unencrypted sensitive information via specially crafted HTTP request parameters. The vulnerability can be exploited by remote authenticated users. Impact details are documented acro...

4.9CVSS4.3AI score0.00726EPSS
CVE
CVE
added 2019/11/13 10:30 p.m.54 views

CVE-2019-3649

CVE-2019-3649 concerns McAfee Advanced Threat Defense (ATD) prior to 4.8. The vulnerability is an information disclosure through a carefully crafted POST request that exploits how log data is recorded, allowing remote authenticated attackers to access hashed credentials stored in logs. The root c...

6.5CVSS5.6AI score0.00923EPSS
CVE
CVE
added 2019/11/13 11:40 p.m.54 views

CVE-2019-3661

CVE-2019-3661 affects McAfee Advanced Threat Defense (ATD) prior to 4.8. The vulnerability is described as an improper neutralization of special elements used in an SQL command (SQL Injection) that could allow a remote authenticated attacker to execute database commands via a carefully constructe...

8.8CVSS8.7AI score0.01131EPSS
CVE
CVE
added 2017/03/14 10:0 p.m.53 views

CVE-2015-8990

CVE-2015-8990 covers a detection bypass in Intel Security Advanced Threat Defense (ATD) 3.4.6 and earlier, where malware samples can evade ATD detection by renaming the malware. Affected product: Intel ATD; vulnerable component/behavior: detection logic bypass via filename renaming; root cause/im...

7.5CVSS7.4AI score0.0101EPSS
CVE
CVE
added 2017/07/12 3:0 p.m.52 views

CVE-2017-4054

CVE-2017-4054 affects McAfee Advanced Threat Defense (ATD) web interface versions 3.4, 3.6, 3.8 and 3.10. The vulnerability is a Command Injection in the web interface that allows remote authenticated users to execute arbitrary commands via a crafted HTTP request parameter. The provided connected...

8.8CVSS8.6AI score0.0253EPSS
CVE
CVE
added 2017/07/12 3:0 p.m.52 views

CVE-2017-4057

The CVE-2017-4057 entry documents a Privilege Escalation in the web interface of McAfee Advanced Threat Defense (ATD) affecting versions 3.10, 3.8, 3.6 and 3.4. The vulnerability allows remote authenticated users to gain elevated privileges via the GUI or GUI terminal commands. The connected CNVD...

8.8CVSS8.4AI score0.01247EPSS
CVE
CVE
added 2021/04/15 8:5 a.m.52 views

CVE-2020-7270

Summary: CVE-2020-7270 affects McAfee Advanced Threat Defense (ATD) web interface. In ATD versions prior to 4.12.2, remote authenticated users can view sensitive unencrypted information through a specially crafted HTTP request parameter, as described across multiple sources (NVD, CNVD, Red Hat, C...

4.9CVSS4.3AI score0.00821EPSS
CVE
CVE
added 2023/03/13 1:29 p.m.52 views

CVE-2023-0978

Summary: CVE-2023-0978 concerns Trellix Intelligent Sandbox CLI, affected in versions 5.2 and earlier, due to insufficient validation of CLI arguments that allows a local user to inject and execute arbitrary OS commands. Impact (as stated): local command execution with potential high impact on co...

6.7CVSS6.9AI score0.00385EPSS
CVE
CVE
added 2017/03/14 10:0 p.m.51 views

CVE-2015-8986

CVE-2015-8986 is described as a sandbox-detection evasion vulnerability in McAfee/Intel Security Advanced Threat Defense (MATD) versions up to 3.4.2.32. The issue allows malware to detect the sandbox environment and bypass malware detection, resulting in false negatives. The available sources ide...

5.5CVSS5.5AI score0.00734EPSS
CVE
CVE
added 2017/07/12 3:0 p.m.51 views

CVE-2017-4052

CVE-2017-4052 concerns McAfee Advanced Threat Defense (ATD). The connected sources confirm an authentication bypass vulnerability in the web interface affecting ATD versions 3.10, 3.8, 3.6, and 3.4, allowing remote unauthenticated users to change or update arbitrary configuration settings or gain...

9.8CVSS9.3AI score0.02077EPSS
CVE
CVE
added 2019/11/13 10:46 p.m.50 views

CVE-2019-3650

CVE-2019-3650 affects McAfee Advanced Threat Defense (ATD) prior to 4.8. The vulnerability is an information disclosure where a crafted GET request can extract insecure information stored in the ATD database, allowing remote authenticated attackers to gain access to atduser credentials. The conne...

6.5CVSS5.5AI score0.00923EPSS
CVE
CVE
added 2019/11/13 11:5 p.m.50 views

CVE-2019-3660

CVE-2019-3660 concerns McAfee Advanced Threat Defense (ATD) before version 4.8, where improper neutralization of HTTP requests enables a remote authenticated attacker to execute commands on the server via carefully crafted HTTP requests. The issue is documented across multiple sources (NVD, Red H...

8.8CVSS8.7AI score0.01198EPSS
CVE
CVE
added 2019/11/13 11:45 p.m.50 views

CVE-2019-3662

CVE-2019-3662 affects McAfee Advanced Threat Defense (ATD) prior to 4.8. The vulnerability is a path traversal in which a crafted HTTP request allows a remote authenticated attacker to access files outside a restricted directory due to improper filtering of path elements. Reported impact indicate...

6.5CVSS6.4AI score0.0143EPSS
CVE
CVE
added 2020/03/12 11:0 a.m.50 views

CVE-2020-7254

McAfee Advanced Threat Defense (ATD) Privilege Escalation (CVE-2020-7254) affects ATD 4.x prior to 4.8.2. The root cause is improper access controls on sudo commands in the command line interface, enabling local users to escalate privileges and execute arbitrary code. Exploitation is local and re...

7.8CVSS7.8AI score0.003EPSS
CVE
CVE
added 2020/06/22 8:35 a.m.48 views

CVE-2020-7262

CVE-2020-7262 affects McAfee Advanced Threat Defense (ATD) prior to version 4.10.0. The vulnerability is Improper Access Control that allows a local attacker to view sensitive files via a crafted HTTP request parameter. Public sources in the connected documents confirm information disclosure as t...

5.5CVSS5.1AI score0.00743EPSS
CVE
CVE
added 2019/11/13 10:45 p.m.46 views

CVE-2019-3651

CVE-2019-3651 affects McAfee Advanced Threat Defense (ATD) prior to 4.8. Vulnerability arises from overly permissive ATD user credentials (atduser) that allow remote authenticated attackers to access ePO as an administrator, enabling information disclosure. Connected sources confirm the issue and...

8.8CVSS8.5AI score0.01083EPSS
CVE
CVE
added 2016/04/08 3:0 p.m.44 views

CVE-2016-3983

McAfee Advanced Threat Defense (ATD) before version 3.4.8.178 may allow remote attackers to bypass malware detection by leveraging information about the parent process. The connected sources confirm this is a vulnerability in ATD with no public exploit details provided in the documents. No remedi...

7.5CVSS7.4AI score0.00606EPSS