CVE-2021-31831

Summary

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.

Affected Software

VendorProductVersion RangeStatus
McAfee,LLCMcAfee Database Security (DBSec)unspecified < 4.8.2affected

Weaknesses

  • CWE-552: CWE-552: Files or Directories Accessible to External Parties

ADP Enrichment

CVE Program Container

Additional References

References