Search criteria
9 vulnerabilities found for change_control by mcafee
FKIE_CVE-2013-7460
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.
References
| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10054 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10054 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | application_control | * | |
| mcafee | change_control | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:application_control:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "70954478-492A-4133-B9C2-763E58B39C2A",
"versionEndIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:change_control:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "1FA809D9-F44D-46C8-9663-02E75574CC51",
"versionEndIncluding": "6.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de elusi\u00f3n de protecci\u00f3n de escritura y ejecuci\u00f3n en McAfee (ahora Intel Security) Application Control (MAC) 6.1.0 para Linux y versiones anteriores permite a usuarios autenticados cambiar los binarios que forman parte de la lista blanca de Application Control y permite ejecuci\u00f3n de binarios a trav\u00e9s de condiciones espec\u00edficas."
}
],
"id": "CVE-2013-7460",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.180",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-7461
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.
References
| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10054 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10054 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | application_control | * | |
| mcafee | change_control | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:application_control:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "70954478-492A-4133-B9C2-763E58B39C2A",
"versionEndIncluding": "6.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:change_control:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "1FA809D9-F44D-46C8-9663-02E75574CC51",
"versionEndIncluding": "6.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions."
},
{
"lang": "es",
"value": "Una vulnerabilidad de elusi\u00f3n de protecci\u00f3n de escritura y ejecuci\u00f3n en McAfee (ahora Intel Security) Change Control (MCC) 6.1.0 para Linux y versiones anteriores permite a usuarios autenticados cambiar archivos que forman parte de las reglas de protecci\u00f3n de escritura a trav\u00e9s de condiciones espec\u00edficas."
}
],
"id": "CVE-2013-7461",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.227",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4593
Vulnerability from fkie_nvd - Published: 2012-08-22 10:42 - Updated: 2025-04-11 00:51
Severity ?
Summary
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | application_control | 5.1.0 | |
| mcafee | application_control | 5.1.1 | |
| mcafee | application_control | 5.1.2 | |
| mcafee | application_control | 6.0.0 | |
| mcafee | change_control | 5.1.0 | |
| mcafee | change_control | 5.1.1 | |
| mcafee | change_control | 5.1.2 | |
| mcafee | change_control | 6.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:application_control:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37E89808-3EB2-4F9B-90AA-DC4573896541",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD9FA589-11BC-47F0-9189-3C0DD0AE4185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ACD3B886-748C-4F22-BEEF-FEFDEC4EC495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:application_control:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1E9C4E2-83FC-4408-85DB-AB5035A3DDE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:change_control:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14A630BB-38D6-4840-9B5C-5E0453B8E5B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:change_control:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "646BE239-A957-433E-884D-366ED805FCF8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:change_control:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "57F0EE98-D18F-4FB8-BE9D-D1C0A186E70D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:change_control:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9970307E-0CD7-4AB3-AB31-BC18B55D1C9F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."
},
{
"lang": "es",
"value": "McAfee Application Control y Change Control v5.1.x y v6.0.0 no refuerza los requisitos de la contrase\u00f1a establecida en ciertas situaciones que implican atributos en la contrase\u00f1a del fichero, lo que permite a usuarios locales evitar la autenticaci\u00f3n ejecutando un comando."
}
],
"id": "CVE-2012-4593",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-08-22T10:42:05.320",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2013-7460 (GCVE-0-2013-7460)
Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 18:09
VLAI?
Summary
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.
Severity ?
No CVSS data available.
CWE
- A write protection and execution bypass vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | Application Control (MAC) |
Affected:
6.1.0 for Linux and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:16.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Application Control (MAC)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "6.1.0 for Linux and earlier"
}
]
}
],
"datePublic": "2013-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A write protection and execution bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T21:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2013-7460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Application Control (MAC)",
"version": {
"version_data": [
{
"version_value": "6.1.0 for Linux and earlier"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2013-7460",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2017-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:09:16.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-7461 (GCVE-0-2013-7461)
Vulnerability from cvelistv5 – Published: 2017-03-14 22:00 – Updated: 2024-08-06 18:09
VLAI?
Summary
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.
Severity ?
No CVSS data available.
CWE
- A write protection and execution bypass vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | Change Control (MCC) |
Affected:
6.1.0 for Linux and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Change Control (MCC)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "6.1.0 for Linux and earlier"
}
]
}
],
"datePublic": "2013-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A write protection and execution bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T21:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2013-7461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Change Control (MCC)",
"version": {
"version_data": [
{
"version_value": "6.1.0 for Linux and earlier"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2013-7461",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2017-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:09:17.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4593 (GCVE-0-2012-4593)
Vulnerability from cvelistv5 – Published: 2012-08-22 10:00 – Updated: 2024-09-17 01:31
VLAI?
Summary
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-22T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4593",
"datePublished": "2012-08-22T10:00:00Z",
"dateReserved": "2012-08-22T00:00:00Z",
"dateUpdated": "2024-09-17T01:31:53.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-7460 (GCVE-0-2013-7460)
Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 18:09
VLAI?
Summary
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions.
Severity ?
No CVSS data available.
CWE
- A write protection and execution bypass vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | Application Control (MAC) |
Affected:
6.1.0 for Linux and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:16.990Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Application Control (MAC)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "6.1.0 for Linux and earlier"
}
]
}
],
"datePublic": "2013-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A write protection and execution bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T21:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2013-7460",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Application Control (MAC)",
"version": {
"version_data": [
{
"version_value": "6.1.0 for Linux and earlier"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2013-7460",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2017-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:09:16.990Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-7461 (GCVE-0-2013-7461)
Vulnerability from nvd – Published: 2017-03-14 22:00 – Updated: 2024-08-06 18:09
VLAI?
Summary
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions.
Severity ?
No CVSS data available.
CWE
- A write protection and execution bypass vulnerability
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel | Change Control (MCC) |
Affected:
6.1.0 for Linux and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:09:17.246Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Change Control (MCC)",
"vendor": "Intel",
"versions": [
{
"status": "affected",
"version": "6.1.0 for Linux and earlier"
}
]
}
],
"datePublic": "2013-09-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A write protection and execution bypass vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-03-14T21:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2013-7461",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Change Control (MCC)",
"version": {
"version_data": [
{
"version_value": "6.1.0 for Linux and earlier"
}
]
}
}
]
},
"vendor_name": "Intel"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A write protection and execution bypass vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10054"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2013-7461",
"datePublished": "2017-03-14T22:00:00",
"dateReserved": "2017-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:09:17.246Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4593 (GCVE-0-2012-4593)
Vulnerability from nvd – Published: 2012-08-22 10:00 – Updated: 2024-09-17 01:31
VLAI?
Summary
McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:42:54.685Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-08-22T10:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-4593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10023"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-4593",
"datePublished": "2012-08-22T10:00:00Z",
"dateReserved": "2012-08-22T00:00:00Z",
"dateUpdated": "2024-09-17T01:31:53.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}