CVE-2020-7269

Name of the Vulnerable Software and Affected Versions: McAfee Advanced Threat Defense (ATD) versions prior to 4.12.2

Description: The issue allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter in the web interface. The risk is partially mitigated if the ATD instances are deployed as recommended with no direct access from the Internet to them.

Recommendations: For versions prior to 4.12.2, update to version 4.12.2 or later to resolve the issue. As a temporary workaround, consider restricting direct access from the Internet to the ATD instances, deploying them as recommended.