var-201901-0048
Vulnerability from variot
Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter. McAfee Web Gateway Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. McAfee Web Gateway is prone to a remote denial-of-service vulnerability. Successful exploits of this issue will allow attackers to cause a denial-of-service condition. The following versions are vulnerable: 7.8.2 versions prior to 7.8.2.5 8.0 versions prior to 8.0.2. The product provides features such as threat protection, application control, and data loss prevention. Proxy is one of the proxy components. The proxy component in McAfee MWG 7.8.2.0 and later versions has an input validation vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201901-0048",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.8.2.5"
},
{
"model": "web gateway",
"scope": "lt",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.0.2.0"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "7.8.2.0"
},
{
"model": "web gateway",
"scope": "gte",
"trust": 1.0,
"vendor": "mcafee",
"version": "8.0.0.0"
},
{
"model": "web gateway software",
"scope": null,
"trust": 0.8,
"vendor": "mcafee",
"version": null
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.0.1"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.8.2"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.0"
},
{
"model": "web gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.8.2.4"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "8.0.2"
},
{
"model": "web gateway",
"scope": "ne",
"trust": 0.3,
"vendor": "mcafee",
"version": "7.8.2.5"
}
],
"sources": [
{
"db": "BID",
"id": "106796"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:mcafee:web_gateway",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The vendor reported this issue.",
"sources": [
{
"db": "BID",
"id": "106796"
}
],
"trust": 0.3
},
"cve": "CVE-2019-3581",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2019-3581",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "VHN-155016",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 3.9,
"id": "CVE-2019-3581",
"impactScore": 3.6,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 2.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2019-3581",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "trellixpsirt@trellix.com",
"id": "CVE-2019-3581",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2019-3581",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201901-209",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-155016",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155016"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-209"
},
{
"db": "NVD",
"id": "CVE-2019-3581"
},
{
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Improper input validation in the proxy component of McAfee Web Gateway 7.8.2.0 and later allows remote attackers to cause a denial of service via a crafted HTTP request parameter. McAfee Web Gateway Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. McAfee Web Gateway is prone to a remote denial-of-service vulnerability. \nSuccessful exploits of this issue will allow attackers to cause a denial-of-service condition. \nThe following versions are vulnerable:\n7.8.2 versions prior to 7.8.2.5\n8.0 versions prior to 8.0.2. The product provides features such as threat protection, application control, and data loss prevention. Proxy is one of the proxy components. The proxy component in McAfee MWG 7.8.2.0 and later versions has an input validation vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-3581"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "BID",
"id": "106796"
},
{
"db": "VULHUB",
"id": "VHN-155016"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-3581",
"trust": 2.8
},
{
"db": "MCAFEE",
"id": "SB10264",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201901-209",
"trust": 0.7
},
{
"db": "BID",
"id": "106796",
"trust": 0.3
},
{
"db": "VULHUB",
"id": "VHN-155016",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155016"
},
{
"db": "BID",
"id": "106796"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-209"
},
{
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"id": "VAR-201901-0048",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-155016"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:26:05.567000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SB10264",
"trust": 0.8,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10264"
},
{
"title": "McAfee Web Gateway Enter the fix for the verification vulnerability",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=88394"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-209"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155016"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.9,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10264"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3581"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3581"
},
{
"trust": 0.3,
"url": "http://www.mcafee.com/"
},
{
"trust": 0.1,
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026amp;id=sb10264"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-155016"
},
{
"db": "BID",
"id": "106796"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-209"
},
{
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-155016"
},
{
"db": "BID",
"id": "106796"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"db": "CNNVD",
"id": "CNNVD-201901-209"
},
{
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-01-09T00:00:00",
"db": "VULHUB",
"id": "VHN-155016"
},
{
"date": "2019-01-08T00:00:00",
"db": "BID",
"id": "106796"
},
{
"date": "2019-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"date": "2019-01-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-209"
},
{
"date": "2019-01-09T14:29:00.207000",
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-10-09T00:00:00",
"db": "VULHUB",
"id": "VHN-155016"
},
{
"date": "2019-01-08T00:00:00",
"db": "BID",
"id": "106796"
},
{
"date": "2019-03-04T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-001398"
},
{
"date": "2019-10-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201901-209"
},
{
"date": "2024-11-21T04:42:12.717000",
"db": "NVD",
"id": "CVE-2019-3581"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-209"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "McAfee Web Gateway Input validation vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-001398"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201901-209"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…