Show plain JSON{"containers": {"cna": {"affected": [{"product": "Data Loss Prevention(DLP)", "vendor": "McAfee", "versions": [{"lessThan": "11.3.31", "status": "affected", "version": "11.3", "versionType": "custom"}, {"lessThan": "11.4.200", "status": "affected", "version": "11.4", "versionType": "custom"}, {"lessThan": "11.5.2", "status": "affected", "version": "11.5", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-522", "description": "CWE-522: Insufficiently Protected Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-08-13T03:20:13", "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10326"}], "source": {"advisory": "SB10326", "discovery": "EXTERNAL"}, "title": "DLP for Mac - Unprotected Storage of Credentials", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@mcafee.com", "ID": "CVE-2020-7307", "STATE": "PUBLIC", "TITLE": "DLP for Mac - Unprotected Storage of Credentials"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Data Loss Prevention(DLP)", "version": {"version_data": [{"version_affected": "<", "version_name": "11.3", "version_value": "11.3.31"}, {"version_affected": "<", "version_name": "11.4", "version_value": "11.4.200"}, {"version_affected": "<", "version_name": "11.5", "version_value": "11.5.2"}]}}]}, "vendor_name": "McAfee"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-522: Insufficiently Protected Credentials"}]}]}, "references": {"reference_data": [{"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10326", "refsource": "MISC", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10326"}]}, "source": {"advisory": "SB10326", "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T09:25:49.046Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10326"}]}]}, "cveMetadata": {"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "cveId": "CVE-2020-7307", "datePublished": "2020-08-13T03:20:13", "dateReserved": "2020-01-21T00:00:00", "dateUpdated": "2024-08-04T09:25:49.046Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}