PT-2019-2071 · Mcafee · Mcafee Tie Server+1
Published
2019-04-09
·
Updated
2023-02-03
·
CVE-2019-3612
CVSS v3.1
8.2
High
| Vector | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
McAfee DXL Platform versions prior to 5.0.1 HF2
McAfee TIE Server versions prior to 2.3.1 HF1
Description
The issue is related to a lack of protection for service data, which can be exploited to gain read access to confidential information in plain text. This can be achieved through the graphical interface or command line. Authenticated users can view sensitive information.
Recommendations
For McAfee DXL Platform versions prior to 5.0.1 HF2, update to version 5.0.1 HF2 or later.
For McAfee TIE Server versions prior to 2.3.1 HF1, update to version 2.3.1 HF1 or later.
Fix
Cleartext Storage of Sensitive Information
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Mcafee Dxl Platform
Mcafee Tie Server