McAfee Threat Intelligence Exchange Server CVE-2019-3641 Unauthorized Access Vulnerability

2019-11-12T00:00:00
ID SMNTC-110863
Type symantec
Reporter Symantec Security Response
Modified 2019-11-12T00:00:00

Description

Description

McAfee Threat Intelligence Exchange Server is prone to an unauthorized-access vulnerability. Attackers can exploit this issue to gain unauthorized access and perform unauthorized actions. This may aid in further attacks. McAfee Threat Intelligence Exchange Server 3.0.0 is vulnerable.

Technologies Affected

  • McAfee Threat Intelligence Exchange Server 3.0.0

Recommendations

Deploy network intrusion detection systems to monitor network traffic for malicious activity.
Deploy NIDS to monitor network traffic for signs of anomalous or suspicious activity such as unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.

Run all software as a nonprivileged user with minimal access rights.
To limit the impact of a successful exploit, run server software with the least privileges required and in restricted environments while still maintaining functionality.

Updates are available. Please see the references or vendor advisory for more information.