Vulnerabilites related to Intel - McAfee Agent
CVE-2017-3896 (GCVE-0-2017-3896)
Vulnerability from cvelistv5
Published
2017-02-13 16:00
Modified
2024-08-05 14:39
Severity ?
CWE
  • Unvalidated parameter vulnerability
Summary
Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated.
References
Impacted products
Vendor Product Version
Intel McAfee Agent Version: 5.0.x versions prior to 5.0.4.449
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:39:41.126Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "95903",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/95903"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10183"
          },
          {
            "name": "1037629",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037629"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "McAfee Agent",
          "vendor": "Intel",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.x versions prior to 5.0.4.449"
            }
          ]
        }
      ],
      "datePublic": "2017-01-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Unvalidated parameter vulnerability",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-25T09:57:01",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "name": "95903",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/95903"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10183"
        },
        {
          "name": "1037629",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037629"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2017-3896",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "McAfee Agent",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "5.0.x versions prior to 5.0.4.449"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Unvalidated parameter vulnerability"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "95903",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/95903"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10183",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10183"
            },
            {
              "name": "1037629",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1037629"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2017-3896",
    "datePublished": "2017-02-13T16:00:00",
    "dateReserved": "2016-12-26T00:00:00",
    "dateUpdated": "2024-08-05T14:39:41.126Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}