CVE-2019-3666

Medium

6.5/10

Summary

API Abuse/Misuse vulnerability in the web interface in McAfee Web Advisor (WA) prior to 4.1.1.48 allows remote unauthenticated attacker to allow the browser to navigate to restricted websites via a carefully crafted web site.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Dec 03, 2019

CVE-2019-3666

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS