Unrated severityNVD Advisory· Published Nov 13, 2019· Updated Aug 4, 2024
Advanced Threat Defense (ATD) - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2019-3661
Description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.
Affected products
2<4.8+ 1 more
- (no CPE)range: <4.8
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- kc.mcafee.com/corporate/indexmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.