Authentication Bypass vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10, 3.8, 3.6, 3.4 allows remote unauthenticated users / remote attackers to change or update any configuration settings, or gain administrator functionality via a crafted HTTP request parameter.
References
Link | Resource |
---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10204 | Patch Vendor Advisory |
http://www.securityfocus.com/bid/99557 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-07-12 08:29
Updated : 2017-07-17 06:18
NVD link : CVE-2017-4052
Mitre link : CVE-2017-4052
JSON object : View
CWE
CWE-306
Missing Authentication for Critical Function
Products Affected
mcafee
- advanced_threat_defense