Vulnerabilities > CVE-2019-3599 - Unspecified vulnerability in Mcafee Agent

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
mcafee
nessus

Summary

Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging when it is enabled.

Nessus

NASL familyMisc.
NASL idMCAFEE_EPO_AGENT_SB10271.NASL
descriptionThe version of McAfee Agent, formerly McAfee ePolicy Orchestrator (ePO) Agent, installed on the remote host is 5.0.x, 5.5.x, or 5.6.x < 5.6.1. It is, therefore, affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this, via the remote logger, to disclose potentially sensitive information.
last seen2020-06-01
modified2020-06-02
plugin id125780
published2019-06-07
reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/125780
titleMcAfee Agent < 5.6.1 Information Disclosure Vulnerability (SB10271)