First published: Wed Nov 13 2019(Updated: )
Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details
Credit: psirt@mcafee.com
Affected Software | Affected Version | How to fix |
---|---|---|
McAfee Advanced Threat Defense | <4.8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-3663 is an Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to version 4.8.
The CVE-2019-3663 vulnerability allows a local attacker to gain access to the root password by accessing sensitive files on the system.
The severity rating of CVE-2019-3663 vulnerability is High with a CVSS score of 7.8.
To fix the CVE-2019-3663 vulnerability in McAfee Advanced Threat Defense, update to version 4.8 or later.
You can find more information about the CVE-2019-3663 vulnerability in McAfee Advanced Threat Defense on the McAfee Knowledge Center website at https://kc.mcafee.com/corporate/index?page=content&id=SB10304.