ID CVE-2019-3629
Summary Application protection bypass vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and prior to 10.4.0 allows unauthenticated user to impersonate system users via specially crafted parameters.
References
Vulnerable Configurations
  • cpe:2.3:a:mcafee:enterprise_security_manager:10.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:10.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:enterprise_security_manager:10.2.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:10.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:enterprise_security_manager:10.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:10.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:enterprise_security_manager:11.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:11.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:enterprise_security_manager:11.1.0:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:11.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:enterprise_security_manager:11.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:11.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:enterprise_security_manager:11.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:11.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mcafee:enterprise_security_manager:11.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:mcafee:enterprise_security_manager:11.1.3:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 04-03-2023 - 01:46)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:P/A:N
refmap via4
confirm https://kc.mcafee.com/corporate/index?page=content&id=SB10284
Last major update 04-03-2023 - 01:46
Published 27-06-2019 - 21:15
Last modified 04-03-2023 - 01:46
Back to Top