CVE-2014-9921

CRITICAL

McAfee Cloud Analysis and Deconstructive Services <= 1.0.0.4d - Unauthenticated Information Disclosure

Title source: llm

Description

Information disclosure vulnerability in McAfee (now Intel Security) Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier allows remote unauthenticated users to view, add, and remove users via a configuration error.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://kc.mcafee.com/corporate/index?page=content&id=SB10087

Scores

CVSS v3 9.8

EPSS 0.0120

EPSS Percentile 79.1%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-264

Status published

Products (3)

Intel/Cloud Analysis and Deconstructive Services (CADS) 1.0.0.3x, 1.0.0.4d and earlier

mcafee/cloud_analysis_and_deconstructive_services 1.0.0.3

mcafee/cloud_analysis_and_deconstructive_services < 1.0.0.4d

Published Mar 14, 2017

Tracked Since Feb 18, 2026