cvelist/2019/3xxx/CVE-2019-3612.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@mcafee.com",
        "ID": "CVE-2019-3612",
        "STATE": "PUBLIC",
        "TITLE": "Information disclosure vulnerability in McAfee TIE Server and DXL Platform"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Data eXchange Layer (DXL) Platform",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "5.0.1 HF2"
                                        }
                                    ]
                                }
                            },
                            {
                                "product_name": "Threat Intelligence Exchange (TIE) Server",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "2.3.1 HF1"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "McAfee, LLC"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line."
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.0.6"
    },
    "impact": {
        "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Information Disclosure vulnerability"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10279",
                "refsource": "CONFIRM",
                "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10279"
            }
        ]
    },
    "source": {
        "discovery": "INTERNAL"
    }
}