CVE-2020-7307

Summary

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.

Affected Software

VendorProductVersion RangeStatus
McAfeeData Loss Prevention(DLP)11.3 < 11.3.31affected
McAfeeData Loss Prevention(DLP)11.4 < 11.4.200affected
McAfeeData Loss Prevention(DLP)11.5 < 11.5.2affected

Weaknesses

  • CWE-522: CWE-522: Insufficiently Protected Credentials

ADP Enrichment

CVE Program Container

Additional References

References