CVE-2019-3665 is a vulnerability in McAfee Webadvisor
Published on December 3, 2019

Code Injection vulnerability
Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would normally have blocked via a carefully crafted web site.

NVD

Vulnerability Analysis

CVE-2019-3665 can be exploited with network access, requires user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Attack Vector:

NETWORK

Attack Complexity:

LOW

Privileges Required:

NONE

User Interaction:

REQUIRED

Scope:

UNCHANGED

Confidentiality Impact:

NONE

Integrity Impact:

HIGH

Availability Impact:

NONE

Products Associated with CVE-2019-3665

Want to know whenever a new CVE is published for McAfee Webadvisor? stack.watch will email you.

McAfee Webadvisor

Affected Versions

McAfee, LLC McAfee Web Advisor (WA):

Version unspecified and below prior to 4.1.1.48 is affected.

Exploit Probability

EPSS

0.49%

Percentile

65.29%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-3665 is a vulnerability in McAfee WebadvisorPublished on December 3, 2019

Vulnerability Analysis

Products Associated with CVE-2019-3665

Affected Versions

Exploit Probability

CVE-2019-3665 is a vulnerability in McAfee Webadvisor
Published on December 3, 2019