All the vulnerabilites related to McAfee, LLC - Data eXchange Layer (DXL) Platform
cve-2019-3612
Vulnerability from cvelistv5
Published
2019-04-10 20:10
Modified
2024-08-04 19:12
Severity ?
EPSS score ?
Summary
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.
References
| ▼ | URL | Tags |
|---|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10279 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | McAfee, LLC | Data eXchange Layer (DXL) Platform |
Version: unspecified < 5.0.1 HF2 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.709Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10279"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Data eXchange Layer (DXL) Platform",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "5.0.1 HF2",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Threat Intelligence Exchange (TIE) Server",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "2.3.1 HF1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-10T20:10:39",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10279"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Information disclosure vulnerability in McAfee TIE Server and DXL Platform",
"x_generator": {
"engine": "Vulnogram 0.0.6"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2019-3612",
"STATE": "PUBLIC",
"TITLE": "Information disclosure vulnerability in McAfee TIE Server and DXL Platform"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Data eXchange Layer (DXL) Platform",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "5.0.1 HF2"
}
]
}
},
{
"product_name": "Threat Intelligence Exchange (TIE) Server",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "2.3.1 HF1"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.6"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10279",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10279"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3612",
"datePublished": "2019-04-10T20:10:39",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-08-04T19:12:09.709Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}