CVE-2019-3628Improper Privilege Management in LLC Mcafee Enterprise Security Manager

3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.8%
top 26.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee LLC Mcafee Enterprise Security ManagerMcafee Enterprise Security Manager
Timeline
PublishedJun 27
Latest updateMay 24

Description

Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDmcafee/enterprise_security_manager11.0.011.2.0

🔴Vulnerability Details

2
GHSA
GHSA-97x4-67g6-2fgm: Privilege escalation in McAfee Enterprise Security Manager (ESM) 112022-05-24
CVEList
Privilege escalation could allow authenticated user to gain access to a core system2019-06-27
CVE-2019-3628 — Improper Privilege Management | cvebase