Cleartext Transmission of Sensitive Information in McAfee DBSec
CVE-2021-23896

3.2LOW

Key Information:

Vendor: Mcafee,llc
Status: Mcafee Database Security (dbsec)
Vendor: CVE Published:; 2 June 2021

What is CVE-2021-23896?

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

McAfee Database Security (DBSec) < 4.8.2

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.2

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 2, 2021
Vulnerability Reserved
Jan 12, 2021

JSON

Mcafee,llc