From 5e8921c9c1a2f468fccd47fc334ae5d0341122e4 Mon Sep 17 00:00:00 2001
From: lordoxley <40054947+lordoxley@users.noreply.github.com>
Date: Tue, 26 Feb 2019 15:18:47 +0000
Subject: [PATCH] Publishing CVE-2019-3599

SB going live around 10am CST
---
 2019/3xxx/CVE-2019-3599.json | 88 +++++++++++++++++++++++++++++++-----
 1 file changed, 77 insertions(+), 11 deletions(-)

diff --git a/2019/3xxx/CVE-2019-3599.json b/2019/3xxx/CVE-2019-3599.json
index 8ed4e373120..01a0856b726 100644
--- a/2019/3xxx/CVE-2019-3599.json
+++ b/2019/3xxx/CVE-2019-3599.json
@@ -1,18 +1,84 @@
 {
-   "CVE_data_meta" : {
-      "ASSIGNER" : "cve@mitre.org",
-      "ID" : "CVE-2019-3599",
-      "STATE" : "RESERVED"
+   "CVE_data_meta": {
+      "ASSIGNER": "psirt@mcafee.com",
+      "ID": "CVE-2019-3599",
+      "STATE": "PUBLIC",
+      "TITLE": "McAfee Agent update fixes an Information Disclosure vulnerability"
    },
-   "data_format" : "MITRE",
-   "data_type" : "CVE",
-   "data_version" : "4.0",
-   "description" : {
-      "description_data" : [
+   "affects": {
+      "vendor": {
+         "vendor_data": [
+            {
+               "product": {
+                  "product_data": [
+                     {
+                        "product_name": "McAfee Agent (MA)",
+                        "version": {
+                           "version_data": [
+                              {
+                                 "affected": "<",
+                                 "version_name": "5.x",
+                                 "version_value": "5.6.0 HF1"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name": "McAfee, LLC"
+            }
+         ]
+      }
+   },
+   "data_format": "MITRE",
+   "data_type": "CVE",
+   "data_version": "4.0",
+   "description": {
+      "description_data": [
          {
-            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "lang": "eng",
+            "value": "Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access sensitive information via remote logging when it is enabled."
          }
       ]
+   },
+   "impact": {
+      "cvss": {
+         "attackComplexity": "LOW",
+         "attackVector": "NETWORK",
+         "availabilityImpact": "NONE",
+         "baseScore": 6.5,
+         "baseSeverity": "MEDIUM",
+         "confidentialityImpact": "HIGH",
+         "integrityImpact": "NONE",
+         "privilegesRequired": "NONE",
+         "scope": "UNCHANGED",
+         "userInteraction": "REQUIRED",
+         "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
+         "version": "3.0"
+      }
+   },
+   "problemtype": {
+      "problemtype_data": [
+         {
+            "description": [
+               {
+                  "lang": "eng",
+                  "value": "Information Disclosure vulnerability"
+               }
+            ]
+         }
+      ]
+   },
+   "references": {
+      "reference_data": [
+         {
+            "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10271",
+            "refsource": "CONFIRM",
+            "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10271"
+         }
+      ]
+   },
+   "source": {
+      "discovery": "UNKNOWN"
    }
 }