← Back to CVEs
CVE-2019-3641
MEDIUM4.5
Description
Abuse of Authorization vulnerability in APIs exposed by TIE server in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0 allows remote authenticated users to modify stored reputation data via specially crafted messages.
CVE Details
CVSS v3.1 Score4.5
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:H/A:N
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredHIGH
User InteractionREQUIRED
Published11/13/2019
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
mcafee:threat_intelligence_exchange_server
Weaknesses (CWE)
CWE-285
References
https://kc.mcafee.com/corporate/index?page=content&id=SB10303(trellixpsirt@trellix.com)
https://kc.mcafee.com/corporate/index?page=content&id=SB10303(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.