CVE-2019-3654

Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:mcafee:client_proxy:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:42

Type Values Removed Values Added
CVSS v2 : 6.8
v3 : 8.6
v2 : 6.8
v3 : 5.3
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10305 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10305 -

07 Nov 2023, 03:10

Type Values Removed Values Added
References (MISC) https://kc.mcafee.com/corporate/index?page=content&id=SB10305 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10305 -

Information

Published : 2019-11-22 20:15

Updated : 2024-11-21 04:42


NVD link : CVE-2019-3654

Mitre link : CVE-2019-3654

CVE.ORG link : CVE-2019-3654


JSON object : View

Products Affected

microsoft

  • windows

mcafee

  • client_proxy
CWE
CWE-287

Improper Authentication