CVE-2015-8989
First published: Tue Mar 14 2017(Updated: )
Unsalted password vulnerability in the Enterprise Manager (web portal) component in Intel Security McAfee Vulnerability Manager (MVM) 7.5.8 and earlier allows attackers to more easily decrypt user passwords via brute force attacks against the database.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Vulnerability Manager | <=7.5.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2015-8989?
CVE-2015-8989 is considered critical due to its potential to allow brute force attacks on user passwords.
How do I fix CVE-2015-8989?
To mitigate CVE-2015-8989, upgrade to a version of McAfee Vulnerability Manager later than 7.5.8 that addresses this vulnerability.
Which versions of McAfee Vulnerability Manager are affected by CVE-2015-8989?
CVE-2015-8989 affects McAfee Vulnerability Manager versions 7.5.8 and earlier.
What types of attacks are possible with CVE-2015-8989?
CVE-2015-8989 enables attackers to easily decrypt user passwords through brute force methods against the database.
Is there a workaround for CVE-2015-8989 while waiting to upgrade?
There are no official workarounds for CVE-2015-8989; upgrading to a secure version is the only reliable solution.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/author
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/first-publish-date
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/mcafee
- canonical/mcafee vulnerability manager
- version/mcafee vulnerability manager/7.5.8