CVE-2019-3650
Advanced Threat Defense (ATD) - Information Disclosure vulnerability
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.3EPSS 0.9%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
13 Nov 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to the atduser credentials via carefully constructed GET request extracting insecurely information stored in the database.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected products
McAfee · Advanced Threat Defense (ATD)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →