CVE-2019-3599

Name of the Vulnerable Software and Affected Versions McAfee Agent versions 5.x

Description The issue is related to an Information Disclosure vulnerability in the Remote logging component of McAfee Agent. This component is disabled by default. When enabled, it allows remote unauthenticated users to access sensitive information. The vulnerability is associated with a lack of protection for service data, which can be exploited by a remote attacker to disclose protected information.

Recommendations For McAfee Agent version 5.x, consider disabling the Remote logging feature to prevent exploitation until a fix is available. Restrict access to sensitive information and ensure that Remote logging is only enabled when necessary, with appropriate security measures in place. At the moment, there is no information about a newer version that contains a fix for this vulnerability.