Search criteria
87 vulnerabilities found for virusscan_enterprise by mcafee
FKIE_CVE-2020-7337
Vulnerability from fkie_nvd - Published: 2020-12-09 09:15 - Updated: 2024-11-21 05:37
Severity ?
6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:*:*:*",
"matchCriteriaId": "324B63C7-6AA0-4943-935E-85A1F949C509",
"versionEndExcluding": "8.8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:*:*:*",
"matchCriteriaId": "739CE02A-E38F-4B8E-8902-FB6C6DF0C2D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:*:*:*",
"matchCriteriaId": "1D14CEFB-F8A2-4E07-8248-C8DDE8665EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:*:*:*",
"matchCriteriaId": "CA1D6C3D-0496-43DB-85EF-0F9801F8DD54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:*:*:*",
"matchCriteriaId": "586B2C78-640C-475F-9ED3-ECDA83F8B26A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:*:*:*",
"matchCriteriaId": "BE55ECB6-2B28-4A1A-A8BA-17ADFB97D61A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:*:*:*",
"matchCriteriaId": "9C79BC0A-E955-4170-AE0C-E6868FF38E92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch14:*:*:*:*:*:*",
"matchCriteriaId": "6E87B844-7FE9-4AB6-8E09-B22A9419079A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch15:*:*:*:*:*:*",
"matchCriteriaId": "C2F27699-3594-4B59-891E-0241AE13D7E4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:*:*:*",
"matchCriteriaId": "D5550350-5035-41AB-BCD0-D24E669839C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:*:*:*",
"matchCriteriaId": "E7DF43DB-F296-4D0E-89F0-B807DBC750C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:*:*:*",
"matchCriteriaId": "4095418F-39EF-4A47-BCBA-BEE0B81B4E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:*:*:*",
"matchCriteriaId": "441512BE-F8A5-4690-9005-DCAB0EE86CC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:*:*:*",
"matchCriteriaId": "04273536-A593-4439-9325-1C57BAAB60D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:*:*:*",
"matchCriteriaId": "CC9F3CB2-5A92-4EBB-B109-44690EE096FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:*:*:*",
"matchCriteriaId": "5AE7C3D5-9771-40A9-B7A3-37EFEFC9FD9E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:*:*:*",
"matchCriteriaId": "61ADDBB0-F71D-46D1-9DB5-38905954C33A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Asignaci\u00f3n de Permisos Incorrecta de Recursos Cr\u00edticos en McAfee VirusScan Enterprise (VSE) versiones anteriores a 8.8 Parche 16 permite a administradores locales omitir la protecci\u00f3n de seguridad local por medio de VSE que no se integra correctamente con Windows Defender Application Control mediante la manipulaci\u00f3n cuidadosa de las comprobaciones de Integridad del C\u00f3digo"
}
],
"id": "CVE-2020-7337",
"lastModified": "2024-11-21T05:37:05.333",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.6,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-12-09T09:15:13.200",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-732"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Primary"
}
]
}
FKIE_CVE-2019-3585
Vulnerability from fkie_nvd - Published: 2020-06-10 12:15 - Updated: 2024-11-21 04:42
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en el cliente (McTray.exe) de Microsoft Windows en McAfee VirusScan Enterprise (VSE) versi\u00f3n 8.8 anterior al parche 14 puede permitir que los usuarios locales interact\u00faen con On-Access Scan Messages - Threat Alert Window con privilegios elevados mediante la ejecuci\u00f3n de McAfee Tray con privilegios elevados"
}
],
"id": "CVE-2019-3585",
"lastModified": "2024-11-21T04:42:13.067",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-10T12:15:11.057",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-7280
Vulnerability from fkie_nvd - Published: 2020-06-10 12:15 - Updated: 2024-11-21 05:36
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch14:*:*:*:windows:*:*",
"matchCriteriaId": "B1DDC36E-F911-4F57-9302-10DF03CE7A68",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
},
{
"lang": "es",
"value": "Una vulnerabilidad de escalada de privilegios durante las actualizaciones de DAT diarias cuando se usa McAfee Virus Scan Enterprise (VSE) versiones anteriores a 8.8 Parche 15, permite a usuarios locales causar la eliminaci\u00f3n y creaci\u00f3n de archivos para los que normalmente no tendr\u00edan permiso al alterar el objetivo de los enlaces simb\u00f3licos. Esto es dependiente de la sincronizaci\u00f3n"
}
],
"id": "CVE-2020-7280",
"lastModified": "2024-11-21T05:36:58.820",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-10T12:15:11.493",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "trellixpsirt@trellix.com",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-3588
Vulnerability from fkie_nvd - Published: 2020-06-10 12:15 - Updated: 2024-11-21 04:42
Severity ?
6.3 (Medium) - CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.8 (Medium) - CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en el cliente (McTray.exe) de Microsoft Windows en McAfee VirusScan Enterprise (VSE) versi\u00f3n 8.8 anterior al Parche 14 puede permitir que usuarios no autorizados interact\u00faen con On-Access Scan Messages - Threat Alert Window cuando la Pantalla de Inicio de Sesi\u00f3n de Windows est\u00e1 bloqueada"
}
],
"id": "CVE-2019-3588",
"lastModified": "2024-11-21T04:42:13.437",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.4,
"impactScore": 5.9,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-06-10T12:15:11.167",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-7267
Vulnerability from fkie_nvd - Published: 2020-05-08 13:15 - Updated: 2024-11-21 05:36
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
References
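Impacted products
Note: every entry listed below is a VirusScan Enterprise 8.8 CPE for Windows (base release through patch13), whereas the summary above describes VSE for Linux prior to 2.0.3 Hotfix 2635000. Confirm the affected product and version against vendor bulletin SB10316 before using this list for asset matching.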
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 | |
| mcafee | virusscan_enterprise | 8.8 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*",
"matchCriteriaId": "A0280F82-EC6B-4F5B-A495-DD9CEED6A20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*",
"matchCriteriaId": "66F4B2B4-93EF-4BF2-A949-4EABB6E2D5CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*",
"matchCriteriaId": "8915A4A0-A6A8-433C-9E03-2FE2023E576D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*",
"matchCriteriaId": "12630925-6631-40DB-84EF-35BFE6EFB4F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*",
"matchCriteriaId": "8EB533F2-0631-4C2C-885A-C132EC937164",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*",
"matchCriteriaId": "D17EC9A7-A383-4B3E-A292-73CD33E60134",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*",
"matchCriteriaId": "1204EDA4-8C76-45D1-894A-CBD042A1C533",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*",
"matchCriteriaId": "BB3F4704-7A78-4223-98A6-EAE027553732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*",
"matchCriteriaId": "D0545B55-45D8-440D-A120-F0ED7337CF06",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*",
"matchCriteriaId": "3CDA7115-7071-42BC-99AA-FD01A5CB6D37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*",
"matchCriteriaId": "54AC8CF5-30D5-4FF8-83C8-70FF9E16FE00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*",
"matchCriteriaId": "5D98604B-B10B-473A-A219-BF6208779912",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*",
"matchCriteriaId": "923A8D73-6FAB-4826-B6BD-6D006E46C7BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*",
"matchCriteriaId": "1846CE6C-EDAE-4F88-8CC3-2C48506595F7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en McAfee VirusScan Enterprise (VSE) para Linux versiones anteriores a 2.0.3 Hotfix 2635000, permite a usuarios locales eliminar archivos a los que de otro modo no tendr\u00edan acceso por medio de la manipulaci\u00f3n de enlaces simb\u00f3licos para redireccionar una acci\u00f3n de eliminaci\u00f3n de McAfee hacia un archivo no deseado. Esto es logrado por medio de la ejecuci\u00f3n de un script o programa malicioso en el m\u00e1quina objetivo."
}
],
"id": "CVE-2020-7267",
"lastModified": "2024-11-21T05:36:57.567",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-08T13:15:11.183",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-274"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-7266
Vulnerability from fkie_nvd - Published: 2020-05-08 12:15 - Updated: 2024-11-21 05:36
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
8.4 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H
Summary
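Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Note: the CPE match criteria recorded below for this entry target the Linux product (1.9.0 up to but excluding 1.9.2, and 2.0.0 up to but excluding 2.0.3), while the description names VSE for Windows. The preceding CVE-2020-7267 record appears to show the reverse (Windows CPE entries under a Linux description). Confirm the affected builds against the vendor bulletin (SB10316) rather than relying on CPE matching alone.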
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * | |
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "90B7841B-A356-4FEC-9BFA-80ADC4E476FB",
"versionEndExcluding": "1.9.2",
"versionStartIncluding": "1.9.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "783E4E02-0CAF-4575-AEC1-A115D0BC3471",
"versionEndExcluding": "2.0.3",
"versionStartIncluding": "2.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
},
{
"lang": "es",
"value": "Una vulnerabilidad de Escalada de Privilegios en McAfee VirusScan Enterprise (VSE) para Windows versiones anteriores a 8.8 Parche 14 Hotfix 116778, permite a usuarios locales eliminar archivos a los que de otro modo el usuario no tendr\u00eda acceso por medio de la manipulaci\u00f3n de enlaces simb\u00f3licos para redireccionar una acci\u00f3n de eliminaci\u00f3n de McAfee hacia un archivo no deseado. Esto es logrado por medio de la ejecuci\u00f3n de un script o programa malicioso en la m\u00e1quina objetivo."
}
],
"id": "CVE-2020-7266",
"lastModified": "2024-11-21T05:36:57.453",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 5.8,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-05-08T12:15:12.207",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-274"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2018-6674
Vulnerability from fkie_nvd - Published: 2018-05-25 13:29 - Updated: 2024-11-21 04:11
Severity ?
6.8 (Medium) - CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
3.9 (Low) - CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
3.9 (Low) - CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | 8.8.0 | |
| microsoft | windows | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:8.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "610253E5-E519-42DB-9A60-0385099D1AA7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
},
{
"lang": "es",
"value": "Vulnerabilidad de escalada de privilegios en el cliente (McTray.exe) de Microsoft Windows en VirusScan Enterprise (VSE) de McAfee versi\u00f3n 8.8 anterior a parche 13, permite a los usuarios locales causar procesos no relacionados con privilegios elevados por medio del administrador de sistema que otorga privilegios elevados a McTray.exe (por defecto, se ejecuta con los privilegios del usuario actual)."
}
],
"id": "CVE-2018-6674",
"lastModified": "2024-11-21T04:11:05.523",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 0.2,
"impactScore": 6.0,
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "NONE",
"baseScore": 3.9,
"baseSeverity": "LOW",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 0.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-05-25T13:29:00.333",
"references": [
{
"source": "trellixpsirt@trellix.com",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"sourceIdentifier": "trellixpsirt@trellix.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
},
{
"lang": "en",
"value": "CWE-269"
},
{
"lang": "en",
"value": "CWE-274"
}
],
"source": "trellixpsirt@trellix.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8030
Vulnerability from fkie_nvd - Published: 2017-04-25 16:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link.
References
| Source | URL | Tags | |
|---|---|---|---|
| secure@intel.com | http://www.securityfocus.com/bid/98041 | Third Party Advisory, VDB Entry | |
| secure@intel.com | https://kc.mcafee.com/corporate/index?page=content&id=SB10194 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/98041 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://kc.mcafee.com/corporate/index?page=content&id=SB10194 | Patch, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:patch8:*:*:*:*:*:*",
"matchCriteriaId": "BE2EE2C2-35B5-4C37-A7EC-38EBE6ADC033",
"versionEndIncluding": "8.8.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
},
{
"lang": "es",
"value": "Una vulnerabilidad de corrupci\u00f3n de memoria en el objeto Scriptscan COM en McAfee VirusScan Enterprise 8.8 El parche 8 y versiones anteriores permite a los atacantes remotos crear una denegaci\u00f3n de servicio en la pesta\u00f1a activa de Internet Explorer a trav\u00e9s de un enlace HTML."
}
],
"id": "CVE-2016-8030",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 1.4,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-25T16:59:00.197",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8023
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows a remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass by assumed-immutable data vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to bypass server authentication via a crafted authentication cookie."
},
{
"lang": "es",
"value": "Vulnerabilidad de elusi\u00f3n de autenticaci\u00f3n por datos supuestos inmutables en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados eludir autenticaci\u00f3n del servidor trav\u00e9s de una cookie de autenticaci\u00f3n manipulada."
}
],
"id": "CVE-2016-8023",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.057",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8025
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to obtain product information via a crafted HTTP request parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios remotos autenticados obtener informaci\u00f3n del producto a trav\u00e9s del par\u00e1metro de petici\u00f3n HTTP manipulado."
}
],
"id": "CVE-2016-8025",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.0"
},
"exploitabilityScore": 0.7,
"impactScore": 5.5,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.133",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8024
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows a remote unauthenticated attacker to obtain sensitive information via server HTTP response spoofing.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to obtain sensitive information via the server HTTP response spoofing."
},
{
"lang": "es",
"value": "Vulnerabilidad de neutralizaci\u00f3n inapropiada de secuencias CRLF en cabeceras HTTP en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados obtener informaci\u00f3n sensible a trav\u00e9s de la suplantaci\u00f3n de la respuesta HTTP del servidor."
}
],
"id": "CVE-2016-8024",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.087",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-113"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8021
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof the update server and execute arbitrary code via a crafted input file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper verification of cryptographic signature vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote authenticated users to spoof update server and execute arbitrary code via a crafted input file."
},
{
"lang": "es",
"value": "Vulnerabilidad de verificaci\u00f3n inapropiada de firma criptogr\u00e1fica en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a usuarios remotos autenticados suplantar el servidor de actualizaci\u00f3n y ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de entrada manipulado."
}
],
"id": "CVE-2016-8021",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"exploitabilityScore": 1.3,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.023",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-347"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8022
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows a remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Authentication bypass by spoofing vulnerability in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows remote unauthenticated attacker to execute arbitrary code or cause a denial of service via a crafted authentication cookie."
},
{
"lang": "es",
"value": "Vulnerabilidad de elusi\u00f3n de autenticaci\u00f3n mediante suplantaci\u00f3n de identidad en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y versiones anteriores) permite a atacantes remotos no autenticados ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n del servicio a trav\u00e9s de una cookie de autenticaci\u00f3n manipulada."
}
],
"id": "CVE-2016-8022",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.6,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:01.040",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2016-8019
Vulnerability from fkie_nvd - Published: 2017-03-14 22:59 - Updated: 2025-04-20 01:37
Severity ?
6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| mcafee | virusscan_enterprise | * (Linux; up to and including 2.0.3) | |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:mcafee:virusscan_enterprise:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F4CE62F4-8171-49DF-89D2-B64D26F562EA",
"versionEndIncluding": "2.0.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in attributes in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows unauthenticated remote attackers to inject arbitrary web script or HTML via a crafted user input."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en atributos en Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (y anteriores) permite a atacantes remotos no autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de una entrada de usuario manipulada."
}
],
"id": "CVE-2016-8019",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-03-14T22:59:00.947",
"references": [
{
"source": "secure@intel.com",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "secure@intel.com",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "secure@intel.com",
"url": "https://www.exploit-db.com/exploits/40911/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/94823"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1037433"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.exploit-db.com/exploits/40911/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2020-7337 (GCVE-0-2020-7337)
Vulnerability from cvelistv5 – Published: 2020-12-09 08:40 – Updated: 2024-09-16 18:18
VLAI?
Summary
Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.
Severity ?
6.5 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10338 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | VirusScan Enterprise (VSE) | Affected: 8.8.x, ≤ patch 15 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:49.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThanOrEqual": "patch 15",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T08:40:14",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Incorrect Permission Assignment for Critical Resource",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-12-08T00:00:00.000Z",
"ID": "CVE-2020-7337",
"STATE": "PUBLIC",
"TITLE": "Incorrect Permission Assignment for Critical Resource"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "8.8.x",
"version_value": "patch 15"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7337",
"datePublished": "2020-12-09T08:40:14.736661Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T18:18:07.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7280 (GCVE-0-2020-7280)
Vulnerability from cvelistv5 – Published: 2020-06-10 11:52 – Updated: 2024-09-16 16:53
VLAI?
Summary
Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.
Severity ?
7.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
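| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
| https://www.zerodayinitiative.com/advisories/ZDI-20-702/ | x_refsource_MISC |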
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | McAfee VirusScan Enterprise (VSE) | Affected: 8.8.x, < 8.8 Patch 15 (custom) |
Credits
McAfee credits Glennlloyd working with Trend Micro's Zero Day Initiative for reporting this flaw.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 15",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Glennlloyd working with Trend Micro\u0027s Zero Day Initiative for reporting this flaw."
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T11:06:04",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Symbolic Link vulnerability during DAT update",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2020-7280",
"STATE": "PUBLIC",
"TITLE": "Symbolic Link vulnerability during DAT update"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 15"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Glennlloyd working with Trend Micro\u0027s Zero Day Initiative for reporting this flaw."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7280",
"datePublished": "2020-06-10T11:52:43.610724Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T16:53:22.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3588 (GCVE-0-2019-3588)
Vulnerability from cvelistv5 – Published: 2020-06-10 11:47 – Updated: 2024-09-16 20:37
VLAI?
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
Severity ?
6.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | McAfee VirusScan Enterprise (VSE) | Affected: 8.8.x, < 8.8 Patch 14 (custom) |
Credits
McAfee credits Lockheed Martin Red Team for reporting this bug
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 14",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-19T16:25:02",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Using VSE to bypass Windows Credentials on Lock screen",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2019-3588",
"STATE": "PUBLIC",
"TITLE": "Using VSE to bypass Windows Credentials on Lock screen"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3588",
"datePublished": "2020-06-10T11:47:44.182315Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T20:37:00.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3585 (GCVE-0-2019-3585)
Vulnerability from cvelistv5 – Published: 2020-06-10 11:42 – Updated: 2024-09-16 16:38
VLAI?
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
Severity ?
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | McAfee VirusScan Enterprise (VSE) | Affected: 8.8.x, < 8.8 Patch 14 (custom) |
Credits
McAfee credits Lockheed Martin Red Team for reporting this bug
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 14",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-19T16:24:19",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "VSE Escalation of Privileges through Alert pop-up window",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2019-3585",
"STATE": "PUBLIC",
"TITLE": "VSE Escalation of Privileges through Alert pop-up window"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3585",
"datePublished": "2020-06-10T11:42:46.145910Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T16:38:13.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7267 (GCVE-0-2020-7267)
Vulnerability from cvelistv5 – Published: 2020-05-08 12:25 – Updated: 2024-09-17 02:51
VLAI?
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Severity ?
8.8 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10316 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee,LLC | McAfee VirusScan Enterprise (VSE) for Linux | Affected: 2.0.x, < 2.0.3 Hotfix 2635000 (custom) |
Credits
Rack911 Labs discovered this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE) for Linux",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "2.0.3 Hotfix 2635000",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"datePublic": "2020-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T12:25:14",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation vulnerability through symbolic links in VSEL",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-05-07T00:00:00.000Z",
"ID": "CVE-2020-7267",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation vulnerability through symbolic links in VSEL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE) for Linux",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.0.x",
"version_value": "2.0.3 Hotfix 2635000"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7267",
"datePublished": "2020-05-08T12:25:14.793515Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-17T02:51:54.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7266 (GCVE-0-2020-7266)
Vulnerability from cvelistv5 – Published: 2020-05-08 11:55 – Updated: 2024-09-17 04:04
VLAI?
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Severity ?
8.8 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Assigner
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10316 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee,LLC | McAfee VirusScan Enterprise (VSE) for Windows | Affected: 8.8.x, < 8.8 Patch 14 Hotfix 116778 (custom) |
Credits
Rack911 Labs discovered this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE) for Windows",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "8.8 Patch 14 Hotfix 116778",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"datePublic": "2020-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T11:55:13",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation vulnerability through symbolic links in VSE for Windows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-05-07T00:00:00.000Z",
"ID": "CVE-2020-7266",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation vulnerability through symbolic links in VSE for Windows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE) for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14 Hotfix 116778"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7266",
"datePublished": "2020-05-08T11:55:14.049262Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-17T04:04:21.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6674 (GCVE-0-2018-6674)
Vulnerability from cvelistv5 – Published: 2018-05-25 13:00 – Updated: 2024-08-05 06:10
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
Severity ?
6.8 (Medium)
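CWE
- CWE-264 - Permissions, Privileges, and Access Control (CWE-264)
- CWE-274 - Privilege Escalation (CWE-274)
- CWE-269 - Data Leakage via Privilege Escalation (CWE-269)

Note: the CNA's free-text labels for CWE-274 and CWE-269 in this record differ from the CWE titles used in the other records on this page (CWE-274 Improper Handling of Insufficient Privileges; CWE-269 Improper Privilege Management), so filter or correlate on the CWE ID rather than on the label text.
Assigner
trellix
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10237 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | VirusScan Enterprise (VSE) | Affected: 8.8, < 8.8 Patch 13 (custom) |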
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": " VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 13",
"status": "affected",
"version": "8.8",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "Permissions, Privileges, and Access Control (CWE-264)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "Privilege Escalation (CWE-274)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Data Leakage via Privilege Escalation (CWE-269)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-12T13:52:38",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"source": {
"advisory": "SB10237",
"discovery": "EXTERNAL"
},
"title": "Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2018-6674",
"STATE": "PUBLIC",
"TITLE": "Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_name": "8.8",
"version_value": "8.8 Patch 13"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permissions, Privileges, and Access Control (CWE-264)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation (CWE-274)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Data Leakage via Privilege Escalation (CWE-269)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
]
},
"source": {
"advisory": "SB10237",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2018-6674",
"datePublished": "2018-05-25T13:00:00",
"dateReserved": "2018-02-06T00:00:00",
"dateUpdated": "2024-08-05T06:10:10.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8030 (GCVE-0-2016-8030)
Vulnerability from cvelistv5 – Published: 2017-04-25 16:00 – Updated: 2024-08-06 02:13
Summary
A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link.
Severity ?
No CVSS data available.
CWE
- A memory corruption vulnerability
Assigner
intel
References
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/98041 | vdb-entry, x_refsource_BID |
| https://kc.mcafee.com/corporate/index?page=content&id=SB10194 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee | VirusScan Enterprise | Affected: 8.8 Patch 8 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise",
"vendor": "McAfee",
"versions": [
{
"status": "affected",
"version": "8.8 Patch 8 and earlier"
}
]
}
],
"datePublic": "2017-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-28T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "98041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise",
"version": {
"version_data": [
{
"version_value": "8.8 Patch 8 and earlier"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A memory corruption vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98041"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8030",
"datePublished": "2017-04-25T16:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7337 (GCVE-0-2020-7337)
Vulnerability from nvd – Published: 2020-12-09 08:40 – Updated: 2024-09-16 18:18
Summary
Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.
Severity ?
6.5 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
trellix
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10338 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | VirusScan Enterprise (VSE) | Affected: 8.8.x, ≤ patch 15 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:49.074Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThanOrEqual": "patch 15",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"datePublic": "2020-12-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-12-09T08:40:14",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Incorrect Permission Assignment for Critical Resource",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-12-08T00:00:00.000Z",
"ID": "CVE-2020-7337",
"STATE": "PUBLIC",
"TITLE": "Incorrect Permission Assignment for Critical Resource"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "8.8.x",
"version_value": "patch 15"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-732 Incorrect Permission Assignment for Critical Resource"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10338"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7337",
"datePublished": "2020-12-09T08:40:14.736661Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T18:18:07.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7280 (GCVE-0-2020-7280)
Vulnerability from nvd – Published: 2020-06-10 11:52 – Updated: 2024-09-16 16:53
Summary
Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent.
Severity ?
7.8 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
trellix
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
| https://www.zerodayinitiative.com/advisories/ZDI-20-702/ | x_refsource_MISC |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | McAfee VirusScan Enterprise (VSE) | Affected: 8.8.x, < 8.8 Patch 15 (custom) |
Credits
McAfee credits Glennlloyd working with Trend Micro's Zero Day Initiative for reporting this flaw.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.819Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 15",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Glennlloyd working with Trend Micro\u0027s Zero Day Initiative for reporting this flaw."
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-06-15T11:06:04",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Symbolic Link vulnerability during DAT update",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2020-7280",
"STATE": "PUBLIC",
"TITLE": "Symbolic Link vulnerability during DAT update"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 15"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Glennlloyd working with Trend Micro\u0027s Zero Day Initiative for reporting this flaw."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they would not normally have permission to through altering the target of symbolic links. This is timing dependent."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-20-702/"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7280",
"datePublished": "2020-06-10T11:52:43.610724Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-16T16:53:22.302Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3588 (GCVE-0-2019-3588)
Vulnerability from nvd – Published: 2020-06-10 11:47 – Updated: 2024-09-16 20:37
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.
Severity ?
6.3 (Medium)
CWE
- CWE-269 - Improper Privilege Management
Assigner
trellix
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | McAfee VirusScan Enterprise (VSE) | Affected: 8.8.x, < 8.8 Patch 14 (custom) |
Credits
McAfee credits Lockheed Martin Red Team for reporting this bug
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 14",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-19T16:25:02",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Using VSE to bypass Windows Credentials on Lock screen",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2019-3588",
"STATE": "PUBLIC",
"TITLE": "Using VSE to bypass Windows Credentials on Lock screen"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3588",
"datePublished": "2020-06-10T11:47:44.182315Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T20:37:00.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-3585 (GCVE-0-2019-3585)
Vulnerability from nvd – Published: 2020-06-10 11:42 – Updated: 2024-09-16 16:38
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges.
Severity ?
7.0 (High)
CWE
- CWE-269 - Improper Privilege Management
Assigner
trellix
References
| URL | Tags |
|---|---|
| https://kc.mcafee.com/corporate/index?page=content&id=SB10302 | x_refsource_CONFIRM |
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | McAfee VirusScan Enterprise (VSE) | Affected: 8.8.x, < 8.8 Patch 14 (custom) |
Credits
McAfee credits Lockheed Martin Red Team for reporting this bug
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T19:12:09.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 14",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"datePublic": "2020-06-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269: Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-10-19T16:24:19",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "VSE Escalation of Privileges through Alert pop-up window",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-06-09T00:00:00.000Z",
"ID": "CVE-2019-3585",
"STATE": "PUBLIC",
"TITLE": "VSE Escalation of Privileges through Alert pop-up window"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "McAfee credits Lockheed Martin Red Team for reporting this bug"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messages - Threat Alert Window with elevated privileges via running McAfee Tray with elevated privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10302"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2019-3585",
"datePublished": "2020-06-10T11:42:46.145910Z",
"dateReserved": "2019-01-03T00:00:00",
"dateUpdated": "2024-09-16T16:38:13.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7267 (GCVE-0-2020-7267)
Vulnerability from nvd – Published: 2020-05-08 12:25 – Updated: 2024-09-17 02:51
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Severity
8.8 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee,LLC | McAfee VirusScan Enterprise (VSE) for Linux | Affected: 2.0.x, < 2.0.3 Hotfix 2635000 (custom) |
Credits
Rack911 Labs discovered this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.580Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE) for Linux",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "2.0.3 Hotfix 2635000",
"status": "affected",
"version": "2.0.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"datePublic": "2020-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T12:25:14",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation vulnerability through symbolic links in VSEL",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-05-07T00:00:00.000Z",
"ID": "CVE-2020-7267",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation vulnerability through symbolic links in VSEL"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE) for Linux",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.0.x",
"version_value": "2.0.3 Hotfix 2635000"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7267",
"datePublished": "2020-05-08T12:25:14.793515Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-17T02:51:54.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-7266 (GCVE-0-2020-7266)
Vulnerability from nvd – Published: 2020-05-08 11:55 – Updated: 2024-09-17 04:04
Summary
Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.
Severity
8.8 (High)
CWE
- CWE-274 - Improper Handling of Insufficient Privileges
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee,LLC | McAfee VirusScan Enterprise (VSE) for Windows | Affected: 8.8.x, < 8.8 Patch 14 Hotfix 116778 (custom) |
Credits
Rack911 Labs discovered this vulnerability.
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:25:48.359Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "McAfee VirusScan Enterprise (VSE) for Windows",
"vendor": "McAfee,LLC",
"versions": [
{
"lessThan": "8.8 Patch 14 Hotfix 116778",
"status": "affected",
"version": "8.8.x",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"datePublic": "2020-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "CWE-274 Improper Handling of Insufficient Privileges",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-05-08T11:55:13",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Privilege Escalation vulnerability through symbolic links in VSE for Windows",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2020-05-07T00:00:00.000Z",
"ID": "CVE-2020-7266",
"STATE": "PUBLIC",
"TITLE": "Privilege Escalation vulnerability through symbolic links in VSE for Windows"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "McAfee VirusScan Enterprise (VSE) for Windows",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "8.8.x",
"version_value": "8.8 Patch 14 Hotfix 116778"
}
]
}
}
]
},
"vendor_name": "McAfee,LLC"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Rack911 Labs discovered this vulnerability."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-274 Improper Handling of Insufficient Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10316"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2020-7266",
"datePublished": "2020-05-08T11:55:14.049262Z",
"dateReserved": "2020-01-21T00:00:00",
"dateUpdated": "2024-09-17T04:04:21.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6674 (GCVE-0-2018-6674)
Vulnerability from nvd – Published: 2018-05-25 13:00 – Updated: 2024-08-05 06:10
Summary
Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges).
Severity
6.8 (Medium)
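CWE
- CWE-264 - Permissions, Privileges, and Access Control
- CWE-274 - Privilege Escalation
- CWE-269 - Data Leakage via Privilege Escalation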
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee, LLC | VirusScan Enterprise (VSE) | Affected: 8.8, < 8.8 Patch 13 (custom) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:10:10.792Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"Windows"
],
"product": " VirusScan Enterprise (VSE)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "8.8 Patch 13",
"status": "affected",
"version": "8.8",
"versionType": "custom"
}
]
}
],
"datePublic": "2018-05-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-264",
"description": "Permissions, Privileges, and Access Control (CWE-264)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-274",
"description": "Privilege Escalation (CWE-274)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "Data Leakage via Privilege Escalation (CWE-269)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-06-12T13:52:38",
"orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"shortName": "trellix"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
],
"source": {
"advisory": "SB10237",
"discovery": "EXTERNAL"
},
"title": "Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges",
"x_generator": {
"engine": "Vulnogram 0.0.7"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@mcafee.com",
"ID": "CVE-2018-6674",
"STATE": "PUBLIC",
"TITLE": "Privilege escalation vulnerability in McAfee VSE when McTray run with elevated privileges"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": " VirusScan Enterprise (VSE)",
"version": {
"version_data": [
{
"platform": "Windows",
"version_affected": "\u003c",
"version_name": "8.8",
"version_value": "8.8 Patch 13"
}
]
}
}
]
},
"vendor_name": "McAfee, LLC"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user\u0027s privileges)."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.7"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:P/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Permissions, Privileges, and Access Control (CWE-264)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Privilege Escalation (CWE-274)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Data Leakage via Privilege Escalation (CWE-269)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10237"
}
]
},
"source": {
"advisory": "SB10237",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
"assignerShortName": "trellix",
"cveId": "CVE-2018-6674",
"datePublished": "2018-05-25T13:00:00",
"dateReserved": "2018-02-06T00:00:00",
"dateUpdated": "2024-08-05T06:10:10.792Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-8030 (GCVE-0-2016-8030)
Vulnerability from nvd – Published: 2017-04-25 16:00 – Updated: 2024-08-06 02:13
Summary
A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link.
Severity
No CVSS data available.
CWE
- A memory corruption vulnerability
Impacted products
| Vendor | Product | Version |
|---|---|---|
| McAfee | VirusScan Enterprise | Affected: 8.8 Patch 8 and earlier |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:13:21.817Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "98041",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "VirusScan Enterprise",
"vendor": "McAfee",
"versions": [
{
"status": "affected",
"version": "8.8 Patch 8 and earlier"
}
]
}
],
"datePublic": "2017-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "A memory corruption vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-28T09:57:01",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "98041",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/98041"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2016-8030",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VirusScan Enterprise",
"version": {
"version_data": [
{
"version_value": "8.8 Patch 8 and earlier"
}
]
}
}
]
},
"vendor_name": "McAfee"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A memory corruption vulnerability in Scriptscan COM Object in McAfee VirusScan Enterprise 8.8 Patch 8 and earlier allows remote attackers to create a Denial of Service on the active Internet Explorer tab via a crafted HTML link."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "A memory corruption vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "98041",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/98041"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10194"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2016-8030",
"datePublished": "2017-04-25T16:00:00",
"dateReserved": "2016-09-09T00:00:00",
"dateUpdated": "2024-08-06T02:13:21.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}