Vulnerability Details CVE-2017-3899
SQL injection vulnerability in Intel Security Advanced Threat Defense (ATD) Linux 3.6.0 and earlier allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.3%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2017-3899
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.2.32
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.4.14
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.4.142
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.6
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.6
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.6.2
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.8
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.8.0