Vulnerabilities > CVE-2019-3650 - Unspecified vulnerability in Mcafee Advanced Threat Defense

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

mcafee

NVD

Published: 2019-11-13

Updated: 2023-11-07

Summary

Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.

Vulnerable Configurations

Part	Description	Count
Application	Mcafee Mcafee Advanced Threat Defense 3.4 Mcafee Advanced Threat Defense 3.4.2.32 Mcafee Advanced Threat Defense 3.4.4.14 Mcafee Advanced Threat Defense 3.4.4.142 Mcafee Advanced Threat Defense 3.4.6 Mcafee Advanced Threat Defense 3.6 Mcafee Advanced Threat Defense 3.6.2 Mcafee Advanced Threat Defense 3.8 Mcafee Advanced Threat Defense 3.8.0 Mcafee Advanced Threat Defense 3.10 Mcafee Advanced Threat Defense 4.0 Mcafee Advanced Threat Defense 4.0.4 Mcafee Advanced Threat Defense 4.0.6 Mcafee Advanced Threat Defense 4.2 Mcafee Advanced Threat Defense 4.2.2 Mcafee Advanced Threat Defense 4.4 Mcafee Advanced Threat Defense 4.4.2 Mcafee Advanced Threat Defense 4.6 Mcafee Advanced Threat Defense 4.6.2	19

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10304