CVE-2020-7284 HIGH

CVE-2020-7284: Network Security Management (NSM) - Exposure of Sensitive Information

Vendor Mcafee
Product Network Security Management (NSM)
Weakness CWE-200 · Info exposure
Published July 3, 2020
Last update August 4, 2024
View on NVD All CVEs

CVSS base score

8.6/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI).

Key dates

02Disclosure timeline

July 3, 2020 CVE published
August 4, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2022-4869 Evolution Events Artaxerxes POST Parameter middleware.py information disclosure CVE-2025-54425 Umbraco's Delivery API allows for cached requests to be returned with an invalid API key CVE-2022-40629 Sensitive Information Disclosure Vulnerability in Tacitine Firewall CVE-2026-34905 Apache Answer: Unlisted Questions Accessible via Direct API Access CVE-2026-5847 code-projects Movie Ticketing System SQL Database Backup File moviedb.sql information disclosure