← back
CVE-2020-7307

DLP for Mac - Unprotected Storage of Credentials

CVSS 5.2 MEDIUMEPSS 0.3%CWE-522
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 5.2EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Aug 2020Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
Affected products
McAfee · Data Loss Prevention(DLP)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://kc.mcafee.com/corporate/index?page=content&id=SB10326