← volver
CVE-2019-3654

Client Proxy (MCP) - Authentication Bypass vulnerability

CVSS 5.3 MEDIUMEPSS 0.7%
Vexday Risk Score
13Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 5.3EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
22 nov 2019Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator.
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:N/I:N/A:H
Productos afectados
McAfee · Client Proxy (MCP)

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://kc.mcafee.com/corporate/index?page=content&id=SB10305