{"api_version":"1","generated_at":"2026-04-22T22:38:10+00:00","cve":"CVE-2019-3612","urls":{"html":"https://cve.report/CVE-2019-3612","api":"https://cve.report/api/cve/CVE-2019-3612.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-3612","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-3612"},"summary":{"title":"CVE-2019-3612","description":"Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.","state":"PUBLIC","assigner":"psirt@mcafee.com","published_at":"2019-04-10 20:29:00","updated_at":"2023-11-07 03:10:00"},"problem_types":["CWE-312"],"metrics":[],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10279","name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10279","refsource":"","tags":[],"title":"McAfee Security Bulletin - Data Exchange Layer and Threat Intelligence Exchange updates fix an information disclosure vulnerability (CVE-2019-3612)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-3612","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-3612","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"3612","vulnerable":"1","versionEndIncluding":"4.1.2","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"data_exchange_layer","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3612","vulnerable":"1","versionEndIncluding":"5.0.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"data_exchange_layer","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"3612","vulnerable":"1","versionEndIncluding":"2.3.1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"mcafee","cpe5":"threat_intelligence_exchange","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"psirt@mcafee.com","ID":"CVE-2019-3612","STATE":"PUBLIC","TITLE":"Information disclosure vulnerability in McAfee TIE Server and DXL Platform"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Data eXchange Layer (DXL) Platform","version":{"version_data":[{"version_affected":"<","version_value":"5.0.1 HF2"}]}},{"product_name":"Threat Intelligence Exchange (TIE) Server","version":{"version_data":[{"version_affected":"<","version_value":"2.3.1 HF1"}]}}]},"vendor_name":"McAfee, LLC"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line."}]},"generator":{"engine":"Vulnogram 0.0.6"},"impact":{"cvss":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":8.2,"baseSeverity":"HIGH","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"HIGH","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","version":"3.0"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Information Disclosure vulnerability"}]}]},"references":{"reference_data":[{"name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10279","refsource":"CONFIRM","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10279"}]},"source":{"discovery":"INTERNAL"}},"nvd":{"publishedDate":"2019-04-10 20:29:00","lastModifiedDate":"2023-11-07 03:10:00","problem_types":["CWE-312"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":4.4,"baseSeverity":"MEDIUM"},"exploitabilityScore":0.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*","versionStartIncluding":"4.0.0","versionEndIncluding":"4.1.2","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*","versionStartIncluding":"5.0.0","versionEndIncluding":"5.0.1","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:mcafee:threat_intelligence_exchange:*:*:*:*:*:*:*:*","versionStartIncluding":"2.0.0","versionEndIncluding":"2.3.1","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"3612","Ordinal":"141220","Title":"CVE-2019-3612","CVE":"CVE-2019-3612","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"3612","Ordinal":"1","NoteData":"Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"3612","Ordinal":"2","NoteData":"2019-04-10","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"3612","Ordinal":"3","NoteData":"2019-04-10","Type":"Other","Title":"Modified"}]}}}