Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
McAfee Threat Intelligence Exchange Secondary服务器安全漏洞
Vulnerability Description
McAfee Threat Intelligence Exchange(TIE)美国迈克菲(McAfee)公司的一套提供安全恢复和感染防御功能的统一威胁防御系统。该系统提供全面的威胁智能感知、即时了解高级有针对性攻击的行迹和主动防护新威胁等功能。 McAfee TIE 1.2.0之前版本的Secondary服务器中存在安全漏洞,该漏洞源于程序为配置文件和安装日志文件分配弱权限。本地攻击者可通过读取文件利用该漏洞获取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A