Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deployed as recommended with no direct access from the Internet to them.
References
Link | Resource |
---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10336 | Patch Vendor Advisory |
Configurations
Information
Published : 2021-04-15 01:15
Updated : 2021-04-21 13:27
NVD link : CVE-2020-7269
Mitre link : CVE-2020-7269
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
mcafee
- advanced_threat_defense