Vulnerability Details CVE-2019-3663
Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 2.1
References
Products affected by CVE-2019-3663
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.10
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.2.32
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.4.14
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.4.142
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.4.6
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.6
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.6.2
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.8
-
cpe:2.3:a:mcafee:advanced_threat_defense:3.8.0
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.0
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.0.4
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.0.6
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.2
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.2.2
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.4
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.4.2
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.6
-
cpe:2.3:a:mcafee:advanced_threat_defense:4.6.2