CVE-2019-3651: Advanced Threat Defense (ATD) - Information Disclosure vulnerability
First published: Wed Nov 13 2019(Updated: )
Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD prior to 4.8 allows remote authenticated attackers to gain access to ePO as an administrator via using the atduser credentials, which were too permissive.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Advanced Threat Defense | <4.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-3651?
CVE-2019-3651 is an Information Disclosure vulnerability in McAfee Advanced Threat Defense (ATD) prior to version 4.8.
How does CVE-2019-3651 impact McAfee Advanced Threat Defense?
CVE-2019-3651 allows remote authenticated attackers to gain access to ePO as an administrator using the atduser credentials.
How severe is CVE-2019-3651?
CVE-2019-3651 has a severity rating of 8.8 (high).
How can I fix CVE-2019-3651 in McAfee Advanced Threat Defense?
To fix CVE-2019-3651, update McAfee Advanced Threat Defense to version 4.8 or newer.
Where can I find more information about CVE-2019-3651?
You can find more information about CVE-2019-3651 in the following link: [McAfee Security Bulletin SB10304](https://kc.mcafee.com/corporate/index?page=content&id=SB10304).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/title
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee advanced threat defense