CVE-2019-3663
published 2019-11-14CVE-2019-3663: Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password…
PriorityP341high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.91%
55.4th percentile
Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mcafee | advanced_threat_defense | < 4.8 | 4.8 |
| mcafee | advanced_threat_defense | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2019-11-14
Published