CVE-2019-3651 is a vulnerability in McAfee Advanced Threat Defense
Published on November 13, 2019

Advanced Threat Defense (ATD) - Information Disclosure vulnerability
Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.

NVD

Vulnerability Analysis

CVE-2019-3651 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

UNCHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Products Associated with CVE-2019-3651

Want to know whenever a new CVE is published for McAfee Advanced Threat Defense? stack.watch will email you.

McAfee Advanced Threat Defense

Affected Versions

McAfee Advanced Threat Defense (ATD):

Version unspecified and below 4.8 is affected.

Exploit Probability

EPSS

0.46%

Percentile

64.10%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-3651 is a vulnerability in McAfee Advanced Threat DefensePublished on November 13, 2019

Vulnerability Analysis

Products Associated with CVE-2019-3651

Affected Versions

Exploit Probability

CVE-2019-3651 is a vulnerability in McAfee Advanced Threat Defense
Published on November 13, 2019