CVE-2020-7306

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text

Published: Aug 13, 2020
Updated: Apr 14, 2023
CVE: CVE-2020-7306
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.2
AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-522

OWASP TOP 10:

A2 - Broken Authentication

Affected Software
References

Software	From	Fixed in
mcafee / data_loss_prevention	11.4.0	11.4.200
mcafee / data_loss_prevention	11.3.0	11.3.31
mcafee / data_loss_prevention	11.5.0	11.5.2

https://kc.mcafee.com/corporate/index?page=content&id=SB10326

Vulnerability Database

289,599

CVE-2020-7306