CVE-2021-31831 — MEDIUM (4.9)

Q: How severe is CVE-2021-31831?

CVE-2021-31831 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2021-31831?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Database Security.

Vulnerability Description

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.

CVSS Score

4.9

MEDIUM

CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

LOW

Integrity

LOW

Availability

LOW

Affected Products

Vendor	Product	Versions
Mcafee	Database Security	< 4.8.2

Related Weaknesses (CWE)

CWE-552

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10359Broken Link
https://kc.mcafee.com/corporate/index?page=content&id=SB10359Broken Link

FAQ

What is CVE-2021-31831?

CVE-2021-31831 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked ...

How severe is CVE-2021-31831?

CVE-2021-31831 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2021-31831?

Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Database Security.