CVE-2019-3612
Information disclosure vulnerability in McAfee TIE Server and DXL Platform
Severity Score
4.4
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.
Se presenta una vulnerabilidad de divulgación de información en McAfee DXL Platform y TIE Server en DXL versión anterior a 5.0.1 HF2 y TIE versión anterior a 2.3.1 HF1 este permite a los usuarios autenticados ver información confidencial en texto plano por medio de la GUI o la línea de comandos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-01-03 CVE Reserved
- 2019-04-10 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-312: Cleartext Storage of Sensitive Information
CAPEC
References (1)
| URL | Tag | Source |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10279 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Mcafee Search vendor "Mcafee" | Data Exchange Layer Search vendor "Mcafee" for product "Data Exchange Layer" | >= 4.0.0 <= 4.1.2 Search vendor "Mcafee" for product "Data Exchange Layer" and version " >= 4.0.0 <= 4.1.2" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Data Exchange Layer Search vendor "Mcafee" for product "Data Exchange Layer" | >= 5.0.0 <= 5.0.1 Search vendor "Mcafee" for product "Data Exchange Layer" and version " >= 5.0.0 <= 5.0.1" | - |
Affected
| ||||||
| Mcafee Search vendor "Mcafee" | Threat Intelligence Exchange Search vendor "Mcafee" for product "Threat Intelligence Exchange" | >= 2.0.0 <= 2.3.1 Search vendor "Mcafee" for product "Threat Intelligence Exchange" and version " >= 2.0.0 <= 2.3.1" | - |
Affected
| ||||||