First published: Wed May 15 2019(Updated: )
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.
Credit: psirt@mcafee.com
Affected Software | Affected Version | How to fix |
---|---|---|
McAfee Endpoint Security | >=10.0.0<=10.6.1 | |
McAfee Endpoint Security | =10.6.1-201905 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of CVE-2019-3586 is high with a severity value of 7.5.
The affected software for CVE-2019-3586 is McAfee Endpoint Security versions prior to 10.6.1.
Context-dependent attackers can exploit CVE-2019-3586 by circumventing ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites.
Yes, the May 2019 update (version 10.6.1) of McAfee Endpoint Security provides a fix for CVE-2019-3586.
More information about CVE-2019-3586 can be found at the following references: http://www.securityfocus.com/bid/108416 and https://kc.mcafee.com/corporate/index?page=content&id=SB10280.