PT-2020-5831 · Mcafee · Mcafee Data Loss Prevention (Dlp) For Mac

Published

2020-08-12

Updated

2022-07-01

CVE-2020-7306

CVSS v3.1

5.2

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: McAfee Data Loss Prevention (DLP) for Mac versions prior to 11.5.2

Description: The issue concerns the storage of credentials in an unprotected manner, allowing local users to access sensitive information, specifically the ADRMS username and password, via log files that contain plain text. This could enable unauthorized access to protected information.

Recommendations: For McAfee Data Loss Prevention (DLP) for Mac versions prior to 11.5.2, update to version 11.5.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the log files that contain plain text credentials to minimize the risk of exploitation.

Fix

Insufficiently Protected Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-256CWE-522

Related Identifiers

BDU:2021-01800

CVE-2020-7306

Affected Products

Mcafee Data Loss Prevention (Dlp) For Mac

PT-2020-5831 · Mcafee · Mcafee Data Loss Prevention (Dlp) For Mac

CVE-2020-7306

Weakness Enumeration

Related Identifiers

Affected Products

References · 6