CVE-2020-7307

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10326", "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10326", "tags": ["Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-522"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2020-7307", "ASSIGNER": "psirt@mcafee.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "severity": "LOW", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "baseMetricV3": {"cvssV3": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.0}}, "publishedDate": "2020-08-13T04:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:mcafee:data_loss_prevention:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "11.3.28", "versionStartIncluding": "11.3.0"}, {"cpe23Uri": "cpe:2.3:a:mcafee:data_loss_prevention:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "11.4.200", "versionStartIncluding": "11.4.0"}, {"cpe23Uri": "cpe:2.3:a:mcafee:data_loss_prevention:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "11.5.3", "versionStartIncluding": "11.5.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2022-06-01T19:28Z"}