CVE-2020-7339: Database Security(DBS)-Use of a Broken or Risky Cryptographic Algorithm
First published: Wed Dec 09 2020(Updated: )
Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors.
Credit: psirt@mcafee.com trellixpsirt@trellix.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| McAfee Database Security | <4.8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-7339?
CVE-2020-7339 is a vulnerability in McAfee Database Security Server and Sensor prior to version 4.8.0 that allows an attacker on the same local network to intercept communication between the Server and Sensors.
How does CVE-2020-7339 affect McAfee Database Security?
CVE-2020-7339 affects McAfee Database Security Server and Sensor versions prior to 4.8.0.
What is the severity of CVE-2020-7339?
CVE-2020-7339 has a severity level of 6.3 (medium).
How can an attacker exploit CVE-2020-7339?
An attacker on the same local network can exploit CVE-2020-7339 by using a SHA1 signed certificate to intercept communication between the McAfee Database Security Server and Sensors.
How can I fix CVE-2020-7339 in McAfee Database Security?
To fix CVE-2020-7339, upgrade your McAfee Database Security Server and Sensor to version 4.8.0 or later.
- collector/nvd-index
- collector/nvd-api
- agent/author
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/title
- agent/weakness
- agent/references
- agent/event
- agent/description
- agent/first-publish-date
- agent/tags
- agent/source
- vendor/mcafee
- canonical/mcafee database security