CVE-2021-31831

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.

CVSS v3 4.9 MEDIUM
CVSS v2.0 6.5 MEDIUM

4.9^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.5 / Impact : 3.4

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

6.5^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 8.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://kc.mcafee.com/corporate/index?page=content&id=SB10359	Broken Link
https://kc.mcafee.com/corporate/index?page=content&id=SB10359	Broken Link

Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:database_security:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:06

Type	Values Removed	Values Added
CVSS	v2 : ~~6.5~~ v3 : ~~5.5~~	v2 : 6.5 v3 : 4.9
References	~~() https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link~~	() https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link

15 Nov 2023, 18:53

Type	Values Removed	Values Added
References	~~() https://kc.mcafee.com/corporate/index?page=content&id=SB10359 -~~	() https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Broken Link
CWE		CWE-552
CVSS	v2 : ~~6.5~~ v3 : ~~8.8~~	v2 : 6.5 v3 : 5.5

07 Nov 2023, 03:35

Type	Values Removed	Values Added
CWE	~~CWE-552~~
References	~~(CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10359 - Vendor Advisory~~	() https://kc.mcafee.com/corporate/index?page=content&id=SB10359 -

Information

Published : 2021-06-03 10:15

Updated : 2024-11-21 06:06

NVD link : CVE-2021-31831

Mitre link : CVE-2021-31831

CVE.ORG link : CVE-2021-31831

JSON object : View

Products Affected

mcafee

database_security

CWE

CWE-552

Files or Directories Accessible to External Parties

{"id": "CVE-2021-31831", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.9, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 1.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.4, "exploitabilityScore": 2.1}]}, "published": "2021-06-03T10:15:07.437", "references": [{"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10359", "tags": ["Broken Link"], "source": "trellixpsirt@trellix.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10359", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-552"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-552"}]}], "descriptions": [{"lang": "en", "value": "Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API."}, {"lang": "es", "value": "Una vulnerabilidad de acceso incorrecto a scripts eliminados en McAfee Database Security (DBSec) versiones anteriores a 4.8.2, permite a un atacante remoto autenticado conseguir acceso a scripts SQL firmados que han sido marcados como eliminados o caducados dentro de la consola administrativa. Este acceso solo estaba disponible mediante la API REST"}], "lastModified": "2024-11-21T06:06:18.910", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:database_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7587EA60-33A0-404E-8357-F057E06EA16B", "versionEndExcluding": "4.8.2"}], "operator": "OR"}]}], "sourceIdentifier": "trellixpsirt@trellix.com"}