Request a Demo
Rewterz
Rewterz Threat Advisory – CVE-2021-29740 – IBM Spectrum Scale Privilege Escalation
June 2, 2021
Rewterz
Rewterz Threat Alert – Nanocore Rat – Active IOCs
June 3, 2021

Rewterz Threat Advisory – Multiple McAfee Security Vulnerabilities


Severity

High

Analysis Summary

CVE-2021-23894 

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote unauthenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server.

CVE-2021-23895

Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to create a reverse shell with administrator privileges on the DBSec server via carefully constructed Java serialized object sent to the DBSec server.

CVE-2021-23896

Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server

CVE-2021-23897

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to embed JavaScript code when configuring the name of a database to be monitored. This would be triggered when any authorized user logs into the DBSec interface and opens the properties configuration page for this database.

CVE-2021-23898

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.
The scripts are retained to allow them to be used when analyzing older events should they be required in the future. The impact has been judged to be low as it is expected that the scripts are created in good faith.

Impact

  • Deserialization of Untrusted Data
  • Clear text Transmission of Sensitive Information
  • Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
  • Files or Directories Accessible to External Parties.

Affected Vendors

McAfee

Affected Products

  • Database Security (DBSec) 4.8.2

Remediation

User are advice to upgrade to DBSec 4.8.2

https://www.mcafee.com/enterprise/en-us/downloads.html