CVE-2019-3660

High CVSS 8.4

Overview

Improper Neutralization of HTTP requests in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute commands on the server remotely via carefully constructed HTTP requests.

CWE: N/A Published: 2019-11-13T23:15:12.043

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.4 (HIGH)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags