{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T18:41:28.751","vulnerabilities":[{"cve":{"id":"CVE-2020-7269","sourceIdentifier":"trellixpsirt@trellix.com","published":"2021-04-15T08:15:12.823","lastModified":"2024-11-21T05:36:57.793","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deployed as recommended with no direct access from the Internet to them."},{"lang":"es","value":"Una vulnerabilidad de Exposición de Información Confidencial en la interfaz web en McAfee Advanced Threat Defense (ATD) anterior a versión 4.12.2, permite a usuarios autenticados remotos visualizar información confidencial no cifrada por medio de un parámetro de petición HTTP cuidadosamente diseñado. El riesgo es parcialmente mitigado si sus instancias de ATD son implementadas como se recomienda sin acceso directo desde Internet hacia ellas"}],"metrics":{"cvssMetricV31":[{"source":"trellixpsirt@trellix.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L","baseScore":4.9,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"LOW"},"exploitabilityScore":1.5,"impactScore":3.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"trellixpsirt@trellix.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:mcafee:advanced_threat_defense:*:*:*:*:*:*:*:*","versionEndExcluding":"4.12.2","matchCriteriaId":"20882C8D-3565-4189-825B-6BA28F5BE6CE"}]}]}],"references":[{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10336","source":"trellixpsirt@trellix.com","tags":["Broken Link","Vendor Advisory"]},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10336","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Vendor Advisory"]}]}}]}