McAfee Security Scan Plus < 3.11.587.1 Protection Level UI Element Download MitM Command Execution (TS102714)
High Nessus Plugin ID 102355
SynopsisThe security application installed on the remote Windows host is affected by a MitM command execution vulnerability.
DescriptionThe version of McAfee Security Scan Plus installed on the remote Windows host is prior to 3.11.587.1. It is, therefore, affected by a flaw that is triggered as HTML elements for displaying the Protection Level in the UI are requested using a cleartext protocol.
SolutionUpgrade to McAfee Security Scan Plus version 3.11.587.1 or later.