PT-2021-12645 · Mcafee · Mcafee Global Threat Intelligence (Gti) Servers+1
Published
2021-04-15
·
Updated
2023-11-16
·
CVE-2020-7308
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
McAfee Endpoint Security (ENS) for Windows versions prior to 10.7.0 February 2021 Update
Description:
The issue allows a remote attacker to view requests from ENS and responses from McAfee Global Threat Intelligence (GTI) servers over DNS. This is due to the cleartext transmission of sensitive information between McAfee Endpoint Security (ENS) for Windows and McAfee Global Threat Intelligence (GTI) servers using DNS. An attacker can intercept requests and send their own responses by gaining control of an intermediate DNS server or altering the network DNS configuration.
Recommendations:
For versions prior to 10.7.0 February 2021 Update, update to the February 2021 Update or later to resolve the issue. As a temporary workaround, consider restricting access to intermediate DNS servers and securing the network DNS configuration to minimize the risk of exploitation.
Fix
Cleartext Transmission of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Mcafee Endpoint Security (Ens) For Windows
Mcafee Global Threat Intelligence (Gti) Servers