Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.
References
Link | Resource |
---|---|
https://kc.mcafee.com/corporate/index?page=content&id=SB10359 | Broken Link |
https://kc.mcafee.com/corporate/index?page=content&id=SB10359 | Broken Link |
Configurations
History
21 Nov 2024, 06:06
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 4.9 |
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link |
15 Nov 2023, 18:53
Type | Values Removed | Values Added |
---|---|---|
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link | |
CWE | CWE-552 | |
CVSS |
v2 : v3 : |
v2 : 6.5
v3 : 5.5 |
07 Nov 2023, 03:35
Type | Values Removed | Values Added |
---|---|---|
CWE | ||
References | () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - |
Information
Published : 2021-06-03 10:15
Updated : 2024-11-21 06:06
NVD link : CVE-2021-31831
Mitre link : CVE-2021-31831
CVE.ORG link : CVE-2021-31831
JSON object : View
Products Affected
mcafee
- database_security
CWE
CWE-552
Files or Directories Accessible to External Parties