← Volver a CVEs
CVE-2019-3660
HIGH8.4
Descripcion
Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests.
Detalles CVE
Puntuacion CVSS v3.18.4
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:H
Vector de ataqueNETWORK
ComplejidadHIGH
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado11/13/2019
Ultima modificacion11/21/2024
Fuentenvd
Avistamientos honeypot0
Productos afectados
mcafee:advanced_threat_defense
Referencias
https://kc.mcafee.com/corporate/index?page=content&id=SB10304(trellixpsirt@trellix.com)
https://kc.mcafee.com/corporate/index?page=content&id=SB10304(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.