- Description
- Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.
- Source
- trellixpsirt@trellix.com
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 4.4
- Impact score
- 3.6
- Exploitability score
- 0.8
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 3.0
- Type
- Secondary
- Base score
- 8.2
- Impact score
- 6
- Exploitability score
- 1.5
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:P/I:N/A:N
- nvd@nist.gov
- CWE-312
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6FDFFFE7-7B54-4E27-9B9D-47529DB779D7",
"versionEndIncluding": "4.1.2",
"versionStartIncluding": "4.0.0"
},
{
"criteria": "cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9D29F800-96C8-46B3-A797-EA82ADD6AC72",
"versionEndIncluding": "5.0.1",
"versionStartIncluding": "5.0.0"
},
{
"criteria": "cpe:2.3:a:mcafee:threat_intelligence_exchange:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "96EF0072-9343-49A7-95BC-474EA77FA457",
"versionEndIncluding": "2.3.1",
"versionStartIncluding": "2.0.0"
}
],
"operator": "OR"
}
]
}
]