PT-2021-15598 · Mcafee · Mcafee Database Security

Published

2021-06-02

Updated

2021-06-11

CVE-2021-23896

CVSS v3.1

4.5

Medium

Vector

AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: McAfee Database Security (DBSec) versions prior to 4.8.2

Description: The administrator interface of McAfee Database Security (DBSec) contains a Cleartext Transmission of Sensitive Information issue, allowing an administrator to view the unencrypted password of the McAfee Insights Server. This access is restricted to DBSec data within the Insights Server.

Recommendations: For versions prior to 4.8.2, update to version 4.8.2 or later to resolve the issue.

Fix

Cleartext Transmission of Sensitive Information

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-319

Related Identifiers

CVE-2021-23896

Affected Products

Mcafee Database Security

PT-2021-15598 · Mcafee · Mcafee Database Security

CVE-2021-23896

Weakness Enumeration

Related Identifiers

Affected Products

References · 3