Code Injection vulnerability
CVE-2019-3665

6.5MEDIUM

Key Information:

Vendor: Mcafee, Llc
Status: Mcafee Web Advisor (wa)
Vendor: CVE Published:; 3 December 2019

🔔 Create Mcafee, Llc Vulnerability Alert

What is CVE-2019-3665?

Code Injection vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to render a website which Web Advisor would normally have blocked via a carefully crafted web site.

Affected Version(s)

McAfee Web Advisor (WA) < unspecified

References

http://service.mcafee.com/FAQDocument.aspx?&id=TS102991

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Dec 3, 2019
Vulnerability Reserved
Jan 3, 2019

JSON