CVE Vulnerabilities

CVE-2022-1257

Insecure Storage of Sensitive Information

Published: Apr 14, 2022 | Modified: Apr 23, 2022
CVSS 3.x
5.5
MEDIUM
Source:
NVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files.

Weakness

The software stores sensitive information without properly limiting read or write access by unauthorized actors.

Affected Software

Name Vendor Start Version End Version
Agent Mcafee * *

References