CVE-2019-3660

Published: Nov 13, 2019Modified: Nov 21, 2024

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests.

Affected (1)

Products: Mcafee: Advanced Threat Defense

Mcafee

1 product

Advanced Threat Defense

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Advanced Threat Defense	Before 4.8

References (2)

https://kc.mcafee.com/corporate/index?page=content&id=SB10304

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10304

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.