CVE-2015-7238

Published: Sep 18, 2015Modified: May 6, 2026

2.1

Vector

AV:L/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 3.9 / Impact: 2.9

Source: NVD

Description

The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files.

Affected (1)

Products: Mcafee: Threat Intelligence Exchange

Mcafee

1 product

Threat Intelligence Exchange

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Threat Intelligence Exchange	Up to 1.1

Related CWEs

CWE-264

References (2)

https://kc.mcafee.com/corporate/index?page=content&id=SB10132

Source: cve@mitre.org

Vendor Advisory

https://kc.mcafee.com/corporate/index?page=content&id=SB10132

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.