Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Incorrect access to deleted scripts vulnerability in McAfee DBSec
Vulnerability Description
Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
对外部实体的文件或目录可访问
Vulnerability Title
McAfee 数据库 安全漏洞
Vulnerability Description
Mcafee Database Security Server是美国迈克菲(Mcafee)公司的一款数据库安全软件。该软件可为用户提供数据库的整体情况和相应安全状况,实时保护关键业务数据库免受外部,内部和内部数据库威胁的侵害。 McAfee数据库4.8.2之前存在安全漏洞,该漏洞允许远程身份验证的攻击者可利用该漏洞访问管理控制台中标记为删除或过期的签名SQL脚本。
CVSS Information
N/A
Vulnerability Type
N/A