PT-2017-7520 · Intel Security Mcafee · Intel Security Mcafee Vulnerability Manager

Published

2017-03-14

Updated

2017-03-22

CVE-2015-8989

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Intel Security McAfee Vulnerability Manager (MVM) versions 7.5.8 and earlier

Description The issue concerns an unsalted password vulnerability in the Enterprise Manager component, which allows attackers to more easily decrypt user passwords via brute force attacks against the database.

Recommendations For versions 7.5.8 and earlier, update to a version that includes a fix for the unsalted password vulnerability to prevent brute force attacks against the database.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-310

Related Identifiers

CVE-2015-8989

Affected Products

Intel Security Mcafee Vulnerability Manager

PT-2017-7520 · Intel Security Mcafee · Intel Security Mcafee Vulnerability Manager

CVE-2015-8989

Weakness Enumeration

Related Identifiers

Affected Products

References · 2