CVE-2020-7339

MEDIUM

McAfee Database Security < 4.8.0 - Use of a Broken or Risky Cryptographic Algorithm via SHA1 Signed Certificate

Title source: llm
STIX 2.1

Description

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors.

References (1)

Core 1
Core References
Broken Link, Vendor Advisory x_refsource_misc
https://kc.mcafee.com/corporate/index?page=content&id=SB10340

Scores

CVSS v3 6.3
EPSS 0.0006
EPSS Percentile 17.8%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-327
Status published
Products (1)
mcafee/database_security < 4.8.0
Published Dec 10, 2020
Tracked Since Feb 18, 2026