Authentication Bypass Vulnerability in McAfee Client Proxy (MCP) Allows Local User to Access Blocked Sites

Authentication Bypass Vulnerability in McAfee Client Proxy (MCP) Allows Local User to Access Blocked Sites

CVE-2019-3654 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Authentication Bypass vulnerability in the Microsoft Windows client in McAfee Client Proxy (MCP) prior to 3.0.0 allows local user to bypass scanning of web traffic and gain access to blocked sites for a short period of time via generating an authorization key on the client which should only be generated by the network administrator.

Learn more about our Web App Pen Testing.