Advanced Threat Defense Security Vulnerabilities and Issues — Advanced Threat Defense CVE List

Lucene search

McafeeAdvanced Threat Defense

9 matches found

CVE•added 2019/09/11 3:15 p.m.•69 views

CVE-2019-3644

McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9517, potentially leading to a denial of service. This affects the scanning proxies.

7.5CVSS7.7AI score0.04564EPSS

CVE•added 2019/09/11 3:15 p.m.•55 views

CVE-2019-3643

McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remote attacker exploiting CVE-2019-9511, potentially leading to a denial of service. This affects the scanning proxies.

7.5CVSS6.7AI score0.13948EPSS

CVE•added 2019/11/14 12:15 a.m.•54 views

CVE-2019-3663

Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted i...

9.8CVSS7.9AI score0.00439EPSS

CVE•added 2019/11/14 12:15 a.m.•39 views

CVE-2019-3662

Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to gain unintended access to files on the system via carefully constructed HTTP requests.

6.5CVSS6.4AI score0.0036EPSS

CVE•added 2019/11/13 11:15 p.m.•38 views

CVE-2019-3649

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attackers to gain access to hashed credentials via carefully constructed POST request extracting incorrectly recorded data from log files.

6.5CVSS5.6AI score0.0032EPSS

CVE•added 2019/11/13 11:15 p.m.•37 views

CVE-2019-3650

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.

6.5CVSS5.5AI score0.0032EPSS

CVE•added 2019/11/13 11:15 p.m.•37 views

CVE-2019-3660

Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests.

8.8CVSS8.7AI score0.00728EPSS

CVE•added 2019/11/14 12:15 a.m.•36 views

CVE-2019-3661

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.

8.8CVSS8.7AI score0.00182EPSS

CVE•added 2019/11/13 11:15 p.m.•35 views

CVE-2019-3651

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.

8.8CVSS8.5AI score0.00487EPSS