PT-2019-2071 · Mcafee · Mcafee Tie Server +1

Published

2019-04-09

Updated

2023-02-03

CVE-2019-3612

Report an issue

CVSS v3.1

8.2

Vector

AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions:

McAfee DXL Platform versions prior to 5.0.1 HF2

McAfee TIE Server versions prior to 2.3.1 HF1

Description:

The issue is related to a lack of protection for service data, which can be exploited to gain read access to confidential information in plain text. This can be achieved through the graphical interface or command line. Authenticated users can view sensitive information.

Recommendations:

For McAfee DXL Platform versions prior to 5.0.1 HF2, update to version 5.0.1 HF2 or later.

For McAfee TIE Server versions prior to 2.3.1 HF1, update to version 2.3.1 HF1 or later.

Fix

Information Disclosure

Cleartext Storage of Sensitive Information

Weakness Enumeration

CWE-200CWE-312

Related Identifiers

BDU:2019-01817

CVE-2019-3612

Affected Products

Mcafee Dxl Platform

Mcafee Tie Server

PT-2019-2071 · Mcafee · Mcafee Tie Server +1

Weakness Enumeration

Related Identifiers

Affected Products

References · 4