CVE-2019-3606 — HIGH (7.7) — White Hats Nepal

Q: How severe is CVE-2019-3606?

CVE-2019-3606 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-3606?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Network Security Manager.

Vulnerability Description

Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrators to view configuration information in plain text format via the GUI or GUI terminal commands.

CVSS Score

7.7

HIGH

CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Mcafee	Network Security Manager	>= 9.1, < 9.1.7.75

Related Weaknesses (CWE)

CWE-312

References

FAQ

What is CVE-2019-3606?

CVE-2019-3606 is a vulnerability with a CVSS score of 7.7 (HIGH). Data Leakage Attacks vulnerability in the web portal component when in an MDR pair in McAfee Network Security Management (NSM) 9.1 < 9.1.7.75 (Update 4) and 9.2 < 9.2.7.31 Update2 allows administrator...

How severe is CVE-2019-3606?

CVE-2019-3606 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-3606?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Network Security Manager.