CVE-2019-3663
Summary
| CVE | CVE-2019-3663 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-11-14 00:15:00 UTC |
| Updated | 2023-11-07 03:10:00 UTC |
| Description | Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details |
Risk And Classification
Problem Types: CWE-522
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Mcafee | Advanced Threat Defense | All | All | All | All |
| Application | Mcafee | Advanced Threat Defense | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| McAfee Security Bulletin - Advanced Threat Defense update fixes seven vulnerabilities (CVE-2019-3649, CVE-2019-3650, CVE-2019-3651, CVE-2019-3660, CVE-2019-3661, CVE-2019-3662, and CVE-2019-3663) | MISC | kc.mcafee.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.