CVE-2020-7322: Exposure of Sensitive Information in ENS for Windows
First published: Wed Sep 09 2020(Updated: )
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.
Credit: psirt@mcafee.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mcafee Endpoint Security | <10.7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-7322?
CVE-2020-7322 is an information disclosure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update.
How does CVE-2020-7322 impact affected systems?
CVE-2020-7322 allows local users to gain access to sensitive information by incorrectly logging sensitive information in debug logs.
Which software versions are affected by CVE-2020-7322?
McAfee Endpoint Security for Windows versions prior to 10.7.0 are affected by CVE-2020-7322.
What is the severity level of CVE-2020-7322?
CVE-2020-7322 has a severity level of medium with a CVSS score of 4.7.
How can I fix CVE-2020-7322?
To fix CVE-2020-7322, users should update McAfee Endpoint Security for Windows to version 10.7.0 or later.
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/title
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- vendor/mcafee
- canonical/mcafee endpoint security