PT-2017-16184 · Mcafee · Mcafee Advanced Threat Defense

Publicado

2017-07-12

Atualizado

2017-07-17

CVE-2017-4055

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions McAfee Advanced Threat Defense (ATD) versions 3.4 through 3.10

Description The issue concerns the exploitation of an authentication vulnerability in the web interface, allowing remote unauthenticated users to bypass detection due to loose enforcement of authentication and authorization.

Recommendations For versions 3.4 through 3.10, update to a version that addresses the loose enforcement of authentication and authorization to prevent remote unauthenticated users from bypassing ATD detection.

Correção

Missing Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-306

Identificadores relacionados

CVE-2017-4055

Produtos afetados

Mcafee Advanced Threat Defense

PT-2017-16184 · Mcafee · Mcafee Advanced Threat Defense

CVE-2017-4055

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4