Vulnerability in Mcafee Data_exchange_layer
CVE-2019-3612
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.
EPSS: 0.002 (15.0th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 4.4 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N.
Affected products
- Mcafee Data_exchange_layer
- Mcafee Threat_intelligence_exchange
- Mcafee, Llc Data Exchange Layer (Dxl) Platform — versions unspecified
- Mcafee, Llc Threat Intelligence Exchange (Tie) Server — versions unspecified
Weakness classification (CWE)
References
- trellixpsirt@trellix.com (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2019-3612?
- CVE-2019-3612 is a medium-severity vulnerability in Mcafee Data_exchange_layer, classified under Cleartext Storage of Sensitive Information. CVSS score: 4.4/10. Published 2019-04-10.
- How severe is CVE-2019-3612?
- Medium severity. CVSS v3 base score is 4.4 out of 10.