CVE-2021-23884

Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter (CSR) prior to 2.8.0 allows an ePO administrator to view the unencrypted password of the McAfee Web Gateway (MWG) or the password of the McAfee Web Gateway Cloud Server (MWGCS) read only user used to retrieve log files for analysis in CSR.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:content_security_reporter:*:*:*:*:*:*:*:*

History

16 Nov 2023, 02:51

Type Values Removed Values Added
CWE CWE-319
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10353 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10353 - Broken Link

07 Nov 2023, 03:30

Type Values Removed Values Added
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10353 - Patch, Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10353 -
CWE CWE-319

Information

Published : 2021-04-15 08:15

Updated : 2024-02-28 18:28


NVD link : CVE-2021-23884

Mitre link : CVE-2021-23884

CVE.ORG link : CVE-2021-23884


JSON object : View

Products Affected

mcafee

  • content_security_reporter
CWE
CWE-319

Cleartext Transmission of Sensitive Information