CVEs-PoC/2021/CVE-2021-31831.md

### [CVE-2021-31831](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31831)
![](https://img.shields.io/static/v1?label=Product&message=McAfee%20Database%20Security%20(DBSec)&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3C%204.8.2%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-552%3A%20Files%20or%20Directories%20Accessible%20to%20External%20Parties&color=brighgreen)

### Description

Incorrect access to deleted scripts vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to gain access to signed SQL scripts which have been marked as deleted or expired within the administrative console. This access was only available through the REST API.

### POC

#### Reference
- https://kc.mcafee.com/corporate/index?page=content&id=SB10359

#### Github
No PoCs found on GitHub currently.