CVE-2021-31831

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:database_security:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:06

Type Values Removed Values Added
CVSS v2 : 6.5
v3 : 5.5
v2 : 6.5
v3 : 4.9
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link

15 Nov 2023, 18:53

Type Values Removed Values Added
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link
CWE CWE-552
CVSS v2 : 6.5
v3 : 8.8
v2 : 6.5
v3 : 5.5

07 Nov 2023, 03:35

Type Values Removed Values Added
CWE CWE-552
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10359 -

Information

Published : 2021-06-03 10:15

Updated : 2024-11-21 06:06


NVD link : CVE-2021-31831

Mitre link : CVE-2021-31831

CVE.ORG link : CVE-2021-31831


JSON object : View

Products Affected

mcafee

  • database_security
CWE
CWE-552

Files or Directories Accessible to External Parties