SQL Injection Vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8

SQL Injection Vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8

CVE-2019-3661 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows remote authenticated attacker to execute database commands via carefully constructed time based payloads.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.