Vulnerabilities > CVE-2019-3599 - Unspecified vulnerability in Mcafee Agent

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

mcafee

nessus

NVD

Published: 2019-02-28

Updated: 2023-11-07

Summary

Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging when it is enabled.

Vulnerable Configurations

Part	Description	Count
Application	Mcafee Mcafee Agent 5.0.0 Mcafee Agent 5.0.1 Mcafee Agent 5.0.2 Mcafee Agent 5.0.3 Mcafee Agent 5.0.4 Mcafee Agent 5.0.5 Mcafee Agent 5.0.6 Mcafee Agent 5.6.0 Mcafee Agent 5.5.0 Mcafee Agent 5.5.1 Mcafee Agent 5.5.2	33

Nessus

NASL family	Misc.
NASL id	MCAFEE_EPO_AGENT_SB10271.NASL
description	The version of McAfee Agent, formerly McAfee ePolicy Orchestrator (ePO) Agent, installed on the remote host is 5.0.x, 5.5.x, or 5.6.x < 5.6.1. It is, therefore, affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this, via the remote logger, to disclose potentially sensitive information.
last seen	2020-06-01
modified	2020-06-02
plugin id	125780
published	2019-06-07
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/125780
title	McAfee Agent < 5.6.1 Information Disclosure Vulnerability (SB10271)

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10271