CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-31831 – Incorrect access to deleted scripts vulnerability in McAfee DBSec
https://notcve.org/view.php?id=CVE-2021-31831
Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API. Una vulnerabilidad de acceso incorrecto a scripts eliminados en McAfee Database Security (DBSec) versiones anteriores a 4.8.2, permite a un atacante remoto autenticado conseguir acceso a scripts SQL firmados que han sido marcados como eliminados o caducados dentro de la consola administrativa. Este acceso solo estaba disponible mediante la API REST • https://kc.mcafee.com/corporate/index?page=content&id=SB10359 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23896 – Cleartext Transmission of Sensitive Information in McAfee DBSec
https://notcve.org/view.php?id=CVE-2021-23896
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server. Una vulnerabilidad de Information Confidencial de la Transmision de Texto Sin cifrar en la interfaz de administrador de McAfee Database Security (DBSec) versiones anteriores a 4.8.2, permite a un administrador visualizar la contraseña no cifrada del servidor McAfee Insights utilizada para pasar datos al servidor Insights. Este usuario está restringido a tener acceso únicamente a los datos de DBSec en el Insights Server • https://kc.mcafee.com/corporate/index?page=content&id=SB10359 • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23895 – Authorized deserialization of untrusted data in McAfee DBSec
https://notcve.org/view.php?id=CVE-2021-23895
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server. La vulnerabilidad de deserialización de datos no confiables en McAfee Database Security (DBSec) versiones anteriores a 4.8.2, permite a un atacante remoto autenticado crear un shell inverso con privilegios de administrador en el servidor DBSec por medio de un objeto serializado Java cuidadosamente construido enviado al servidor DBSec • https://kc.mcafee.com/corporate/index?page=content&id=SB10359 • CWE-502: Deserialization of Untrusted Data •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23894 – Unauthorized deserialization of untrusted data in McAfee DBSec
https://notcve.org/view.php?id=CVE-2021-23894
Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server. Una vulnerabilidad de deserialización de datos no confiables en McAfee Database Security (DBSec) versiones anteriores a 4.8.2, permite a un atacante remoto no autenticado crear un shell inverso con privilegios de administrador en el servidor DBSec por medio de un objeto serializado de Java cuidadosamente construido enviado al servidor DBSec • https://kc.mcafee.com/corporate/index?page=content&id=SB10359 • CWE-502: Deserialization of Untrusted Data •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23892
https://notcve.org/view.php?id=CVE-2021-23892
By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW) installation process, a local user can perform a privilege escalation attack to obtain administrator privileges for the purpose of executing arbitrary code through insecure use of predictable temporary file locations. Al explotar una condición de carrera de tiempo de verificación a tiempo de uso (TOCTOU) durante el proceso de instalación de Endpoint Security for Linux Threat Prevention and Firewall (ENSL TP/FW), un usuario local puede llevar a cabo un ataque de escalada de privilegios para alcanzar privilegios de administrador para el propósito de ejecutar código arbitrario a través del uso no seguro de ubicaciones predecibles de archivos temporales • https://kc.mcafee.com/corporate/index?page=content&id=SB10355 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •