CVE-2019-3628: Privilege escalation could allow authenticated user to gain access to a core system
First published: Thu Jun 27 2019(Updated: )
Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 allows authenticated user to gain access to a core system component via incorrect access control.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Enterprise Security Manager | >=11.0.0<11.2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-3628?
CVE-2019-3628 is a vulnerability in McAfee Enterprise Security Manager (ESM) 11.x prior to 11.2.0 that allows an authenticated user to gain access to a core system component via incorrect access control.
How severe is CVE-2019-3628?
CVE-2019-3628 has a severity score of 8.8, which is considered high.
Which version of McAfee Enterprise Security Manager (ESM) is affected by CVE-2019-3628?
CVE-2019-3628 affects McAfee Enterprise Security Manager (ESM) 11.x versions prior to 11.2.0.
How can an authenticated user exploit CVE-2019-3628?
An authenticated user can exploit CVE-2019-3628 by leveraging incorrect access control to gain access to a core system component.
How can I fix CVE-2019-3628?
To fix CVE-2019-3628, you should upgrade McAfee Enterprise Security Manager (ESM) to version 11.2.0 or later.
- collector/nvd-index
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/references
- agent/title
- agent/author
- agent/softwarecombine
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee enterprise security manager
- version/mcafee enterprise security manager/11.0.0