Merge pull request #2030 from lordoxley/patch-17

publish 2019-3586
2025-05-08 03:27:03 +00:00 · 2019-05-15 11:48:16 -04:00 · 2019-05-15 11:48:16 -04:00 · 58d10829e2
commit 58d10829e2
parent 9d61d10778 bed8850e2d
1 changed files with 73 additions and 4 deletions
--- a/2019/3xxx/CVE-2019-3586.json
+++ b/2019/3xxx/CVE-2019-3586.json
@ -1,8 +1,34 @@
 {
    "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
+        "ASSIGNER": "psirt@mcafee.com",
        "ID": "CVE-2019-3586",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC",
+        "TITLE": "McAfee Endpoint Security firewall not always acting on GTI lookup results"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "McAfee Endpoint Security (ENS)",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "10.x",
+                                            "version_value": "10.6.1 May 2019 update"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "McAfee, LLC"
+                }
+            ]
+        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
@ -11,8 +37,51 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.\n"
            }
        ]
+    },
+    "generator": {
+        "engine": "Vulnogram 0.0.6"
+    },
+    "impact": {
+        "cvss": {
+            "attackComplexity": "HIGH",
+            "attackVector": "NETWORK",
+            "availabilityImpact": "HIGH",
+            "baseScore": 7.5,
+            "baseSeverity": "HIGH",
+            "confidentialityImpact": "LOW",
+            "integrityImpact": "LOW",
+            "privilegesRequired": "NONE",
+            "scope": "CHANGED",
+            "userInteraction": "REQUIRED",
+            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:H",
+            "version": "3.0"
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-693 Protection Mechanism Failure"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10280",
+                "refsource": "CONFIRM",
+                "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10280"
+            }
+        ]
+    },
+    "source": {
+        "discovery": "EXTERNAL"
    }
-}
+}