Exposure of Sensitive Information in ENS for Windows
CVE-2020-7322

4.7MEDIUM

Key Information:

Vendor: Mcafee Llc
Status: Endpoint Security For Windows
Vendor: CVE Published:; 9 September 2020

Summary

Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs.

Affected Version(s)

Endpoint Security for Windows 10.7.x < 10.7.0 September 2020 Update

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Sep 9, 2020
Vulnerability Reserved
Jan 21, 2020