CVE-2019-3612
MEDIUMMcAfee Data Exchange Layer 4.0.0-4.1.1 & Threat Intelligence Exchange 2.0.0-2.3.0 - Sensitive Info Exposure
Title source: llmDescription
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10279
Scores
CVSS v3
4.4
EPSS
0.0005
EPSS Percentile
15.1%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
Status
published
Products (2)
mcafee/data_exchange_layer
4.0.0 - 4.1.2
mcafee/threat_intelligence_exchange
2.0.0 - 2.3.1
Published
Apr 10, 2019
Tracked Since
Feb 18, 2026