CVE-2015-7238 — LOW (2.1) — White Hats Nepal

Q: How severe is CVE-2015-7238?

CVE-2015-7238 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-7238?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Threat Intelligence Exchange.

Vulnerability Description

The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files.

CVSS Score

2.1

LOW

AV:L/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Mcafee	Threat Intelligence Exchange	<= 1.1

Related Weaknesses (CWE)

CWE-264

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10132Vendor Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10132Vendor Advisory

FAQ

What is CVE-2015-7238?

CVE-2015-7238 is a vulnerability with a CVSS score of 2.1 (LOW). The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sens...

How severe is CVE-2015-7238?

CVE-2015-7238 has been rated LOW with a CVSS base score of 2.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7238?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Threat Intelligence Exchange.