ID CVE-2019-3586
Summary Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.
References
Vulnerable Configurations
  • McAfee Endpoint Security (ENS) 10.6.1
    cpe:2.3:a:mcafee:endpoint_security:10.6.1
  • cpe:2.3:a:mcafee:endpoint_security:10.6.1:201905
    cpe:2.3:a:mcafee:endpoint_security:10.6.1:201905
CVSS
Base: 5.1
Impact:
Exploitability:
CWE CWE-254
CAPEC
refmap via4
bid 108416
confirm https://kc.mcafee.com/corporate/index?page=content&id=SB10280
Last major update 15-05-2019 - 12:29
Published 15-05-2019 - 12:29
Last modified 22-05-2019 - 08:29
Back to Top