vulnerability
McAfee Endpoint Security Platform: CVE-2019-3586: Endpoint security fixes firewall not blocking all global threat intelligence flagged ip addresses vulnerability (SB10280)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:H/Au:N/C:P/I:P/A:P) | May 15, 2019 | Aug 11, 2020 | Mar 10, 2022 |
Severity
5
CVSS
(AV:N/AC:H/Au:N/C:P/I:P/A:P)
Published
May 15, 2019
Added
Aug 11, 2020
Modified
Mar 10, 2022
Description
Protection Mechanism Failure in the Firewall in McAfee Endpoint Security (ENS) 10.x prior to 10.6.1 May 2019 update allows context-dependent attackers to circumvent ENS protection where GTI flagged IP addresses are not blocked by the ENS Firewall via specially crafted malicious sites where the GTI reputation is carefully manipulated and does not correctly trigger the ENS Firewall to block the connection.
Solutions
mcafee-endpoint-security-platform-upgrade-10-5-3-3178mcafee-endpoint-security-platform-upgrade-10-5-4-4260mcafee-endpoint-security-platform-upgrade-10-5-5-5223mcafee-endpoint-security-platform-upgrade-10-6-1-1449
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.