CVE-2021-23896

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:database_security:*:*:*:*:*:*:*:*

History

21 Nov 2024, 05:52

Type Values Removed Values Added
CVSS v2 : 2.7
v3 : 4.5
v2 : 2.7
v3 : 3.2
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 -

07 Nov 2023, 03:31

Type Values Removed Values Added
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 -

Information

Published : 2021-06-02 14:15

Updated : 2024-11-21 05:52


NVD link : CVE-2021-23896

Mitre link : CVE-2021-23896

CVE.ORG link : CVE-2021-23896


JSON object : View

Products Affected

mcafee

  • database_security
CWE
CWE-319

Cleartext Transmission of Sensitive Information