cvelistv5 - cve-2018-6703

CVE-2018-6703 (GCVE-0-2018-6703)

Vulnerability from cvelistv5 – Published: 2018-12-11 23:00 – Updated: 2024-08-05 06:10

Title

Remote Logging functionality had a use after free vulnerability in McAfee Agent

Summary

Severity ?

9.8 (Critical)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Use After Free

Assigner

trellix

References

URL

Tags

https://kc.mcafee.com/corporate/index?page=conten…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	McAfee, LLC	McAfee Agent	Affected: 5.x , < 5.6.0 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T06:10:11.293Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "McAfee Agent",
          "vendor": "McAfee, LLC",
          "versions": [
            {
              "lessThan": "5.6.0",
              "status": "affected",
              "version": "5.x",
              "versionType": "custom"
            }
          ]
        }
      ],
      "datePublic": "2018-12-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Use After Free",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-03-25T19:04:49",
        "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "shortName": "trellix"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Remote Logging functionality had a use after free vulnerability in McAfee Agent",
      "workarounds": [
        {
          "lang": "en",
          "value": "Remote logging is disabled by default.  Turning off remote logging protects against this issue."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.5"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@mcafee.com",
          "ID": "CVE-2018-6703",
          "STATE": "PUBLIC",
          "TITLE": "Remote Logging functionality had a use after free vulnerability in McAfee Agent"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "McAfee Agent",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "5.x",
                            "version_value": "5.6.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "McAfee, LLC"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.5"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Use After Free"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Remote logging is disabled by default.  Turning off remote logging protects against this issue."
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
    "assignerShortName": "trellix",
    "cveId": "CVE-2018-6703",
    "datePublished": "2018-12-11T23:00:00",
    "dateReserved": "2018-02-06T00:00:00",
    "dateUpdated": "2024-08-05T06:10:11.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0.0\", \"versionEndExcluding\": \"5.6.0\", \"matchCriteriaId\": \"12E7EDFE-7887-482A-B39B-EB66DF33843F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.\"}, {\"lang\": \"es\", \"value\": \"Un uso de memoria previamente liberada en el inicio de sesi\\u00f3n remoto (deshabilitado por defecto) en McAfee Agent (MA), en las versiones 5.x anteriores a la 5.60, permite a los atacantes remotos no autenticados provocar una denegaci\\u00f3n de servicio (DoS) y, potencialmente, una ejecuci\\u00f3n remota de c\\u00f3digo mediante una cabecera HTTP especialmente manipulada enviada al servicio de inicio de sesi\\u00f3n\"}]",
      "id": "CVE-2018-6703",
      "lastModified": "2024-11-21T04:11:07.200",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV30\": [{\"source\": \"trellixpsirt@trellix.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-12-11T23:29:00.983",
      "references": "[{\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258\", \"source\": \"trellixpsirt@trellix.com\"}, {\"url\": \"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "trellixpsirt@trellix.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-6703\",\"sourceIdentifier\":\"trellixpsirt@trellix.com\",\"published\":\"2018-12-11T23:29:00.983\",\"lastModified\":\"2024-11-21T04:11:07.200\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.\"},{\"lang\":\"es\",\"value\":\"Un uso de memoria previamente liberada en el inicio de sesi\u00f3n remoto (deshabilitado por defecto) en McAfee Agent (MA), en las versiones 5.x anteriores a la 5.60, permite a los atacantes remotos no autenticados provocar una denegaci\u00f3n de servicio (DoS) y, potencialmente, una ejecuci\u00f3n remota de c\u00f3digo mediante una cabecera HTTP especialmente manipulada enviada al servicio de inicio de sesi\u00f3n\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV30\":[{\"source\":\"trellixpsirt@trellix.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0.0\",\"versionEndExcluding\":\"5.6.0\",\"matchCriteriaId\":\"12E7EDFE-7887-482A-B39B-EB66DF33843F\"}]}]}],\"references\":[{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258\",\"source\":\"trellixpsirt@trellix.com\"},{\"url\":\"https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

FKIE_CVE-2018-6703

Vulnerability from fkie_nvd - Published: 2018-12-11 23:29 - Updated: 2024-11-21 04:11

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	trellixpsirt@trellix.com	https://kc.mcafee.com/corporate/index?page=content&id=SB10258
	af854a3a-2127-422b-91ae-364da2661108	https://kc.mcafee.com/corporate/index?page=content&id=SB10258

Impacted products

	Vendor	Product	Version
	mcafee	agent	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12E7EDFE-7887-482A-B39B-EB66DF33843F",
              "versionEndExcluding": "5.6.0",
              "versionStartIncluding": "5.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service."
    },
    {
      "lang": "es",
      "value": "Un uso de memoria previamente liberada en el inicio de sesi\u00f3n remoto (deshabilitado por defecto) en McAfee Agent (MA), en las versiones 5.x anteriores a la 5.60, permite a los atacantes remotos no autenticados provocar una denegaci\u00f3n de servicio (DoS) y, potencialmente, una ejecuci\u00f3n remota de c\u00f3digo mediante una cabecera HTTP especialmente manipulada enviada al servicio de inicio de sesi\u00f3n"
    }
  ],
  "id": "CVE-2018-6703",
  "lastModified": "2024-11-21T04:11:07.200",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "trellixpsirt@trellix.com",
        "type": "Secondary"
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-12-11T23:29:00.983",
  "references": [
    {
      "source": "trellixpsirt@trellix.com",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
    }
  ],
  "sourceIdentifier": "trellixpsirt@trellix.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-201812-1085

Vulnerability from variot - Updated: 2023-11-09 23:34

Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service. McAfee Agent (MA) Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. McAfee Agent is prone to a remote code-execution vulnerability. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application or cause denial-of-service conditions. McAfee Agent versions 5.5.x and 5.0.x are vulnerable

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201812-1085",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "agent",
        "scope": "eq",
        "trust": 1.7,
        "vendor": "mcafee",
        "version": "5.5.1"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 1.4,
        "vendor": "mcafee",
        "version": "5.5.0"
      },
      {
        "model": "agent",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "5.6.0"
      },
      {
        "model": "agent",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "mcafee",
        "version": "5.0.0"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "mcafee",
        "version": "5.0.6 for up to  5.0.0"
      },
      {
        "model": "threat intelligence exchange server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "2.3"
      },
      {
        "model": "threat intelligence exchange server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "2.2"
      },
      {
        "model": "threat intelligence exchange server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "2.1"
      },
      {
        "model": "threat intelligence exchange server",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "2.0"
      },
      {
        "model": "data exchange layer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0"
      },
      {
        "model": "data exchange layer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.0"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.5"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.6"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.4"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.3"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.2"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.1"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.4.449"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.4.283"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.3.362"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.3.316"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.3.272"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.2.333"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.2.285"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.2.188"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.2.132"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.1.518"
      },
      {
        "model": "agent",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.1.516"
      },
      {
        "model": "active response",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "2.0"
      },
      {
        "model": "agent",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.6"
      },
      {
        "model": "agent hf1267991",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.5.1"
      },
      {
        "model": "agent hf1267994",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0.6"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "108951"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.6.0",
                "versionStartIncluding": "5.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Frank Cozijnsen of the KPN RED-team.",
    "sources": [
      {
        "db": "BID",
        "id": "108951"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-6703",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-6703",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.9,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-6703",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2018-6703",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-6703",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201812-477",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULMON",
            "id": "CVE-2018-6703",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-6703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service. McAfee Agent (MA) Contains a vulnerability in the use of freed memory.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. McAfee Agent is prone to a remote code-execution vulnerability. \nSuccessfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application or cause denial-of-service conditions. \nMcAfee Agent versions 5.5.x and 5.0.x are vulnerable",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "BID",
        "id": "108951"
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6703"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-6703",
        "trust": 2.8
      },
      {
        "db": "MCAFEE",
        "id": "SB10258",
        "trust": 2.0
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "108951",
        "trust": 0.3
      },
      {
        "db": "VULMON",
        "id": "CVE-2018-6703",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-6703"
      },
      {
        "db": "BID",
        "id": "108951"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "id": "VAR-201812-1085",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.27142859
  },
  "last_update_date": "2023-11-09T23:34:49.771000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "SB10258",
        "trust": 0.8,
        "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10258"
      },
      {
        "title": "McAfee Agent Common Service Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=87725"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2018-6703 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-6703"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-416",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.0,
        "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=sb10258"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-6703"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-6703"
      },
      {
        "trust": 0.3,
        "url": "http://www.mcafee.com/"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/416.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2018-6703"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2018-6703"
      },
      {
        "db": "BID",
        "id": "108951"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULMON",
        "id": "CVE-2018-6703"
      },
      {
        "db": "BID",
        "id": "108951"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-12-11T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-6703"
      },
      {
        "date": "2019-05-31T00:00:00",
        "db": "BID",
        "id": "108951"
      },
      {
        "date": "2019-01-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "date": "2018-12-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      },
      {
        "date": "2018-12-11T23:29:00",
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-27T00:00:00",
        "db": "VULMON",
        "id": "CVE-2018-6703"
      },
      {
        "date": "2019-05-31T00:00:00",
        "db": "BID",
        "id": "108951"
      },
      {
        "date": "2019-01-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      },
      {
        "date": "2019-04-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      },
      {
        "date": "2023-11-07T03:00:00",
        "db": "NVD",
        "id": "CVE-2018-6703"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "McAfee Agent Uses freed memory vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-011280"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "resource management error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201812-477"
      }
    ],
    "trust": 0.6
  }
}

GHSA-3G76-65RH-62W4

Vulnerability from github – Published: 2022-05-13 01:31 – Updated: 2022-05-13 01:31

Details

Severity ?

9.8 (Critical)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-6703"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-12-11T23:29:00Z",
    "severity": "CRITICAL"
  },
  "details": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.",
  "id": "GHSA-3g76-65rh-62w4",
  "modified": "2022-05-13T01:31:55Z",
  "published": "2022-05-13T01:31:55Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-6703"
    },
    {
      "type": "WEB",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-6703

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-6703

Aliases

CVE-2018-6703

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-6703",
    "description": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.",
    "id": "GSD-2018-6703"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-6703"
      ],
      "details": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.",
      "id": "GSD-2018-6703",
      "modified": "2023-12-13T01:22:35.195201Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@mcafee.com",
        "ID": "CVE-2018-6703",
        "STATE": "PUBLIC",
        "TITLE": "Remote Logging functionality had a use after free vulnerability in McAfee Agent"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "McAfee Agent",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c",
                          "version_name": "5.x",
                          "version_value": "5.6.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "McAfee, LLC"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service."
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.0.5"
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Use After Free"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258",
            "refsource": "CONFIRM",
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      },
      "work_around": [
        {
          "lang": "eng",
          "value": "Remote logging is disabled by default.  Turning off remote logging protects against this issue."
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.6.0",
                "versionStartIncluding": "5.0.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@mcafee.com",
          "ID": "CVE-2018-6703"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-416"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.4,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 5.9
        }
      },
      "lastModifiedDate": "2023-01-27T18:58Z",
      "publishedDate": "2018-12-11T23:29Z"
    }
  }
}

CNVD-2019-07155

Vulnerability from cnvd - Published: 2019-03-14

Title

McAfee Agent Common Service释放后重用漏洞

Description

McAfee Agent（MA）是美国迈克菲（McAfee）公司的一套提供了ePolicy Orchestrator（杀毒软件管理平台）与被管理产品之间的安全通信的客户端组件。Common service是其中的一个通用服务组件。 MA 5.0.0版本至5.0.6版本、5.5.0版本和5.5.1版本中的McAfee Common service存在释放后重用漏洞，远程攻击者可借助特制的TCP数据包利用该漏洞造成拒绝服务。

Severity

高

Patch Name

McAfee Agent Common Service释放后重用漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://kc.mcafee.com/corporate/index?page=content&id=SB10258

Reference

https://kc.mcafee.com/corporate/index?page=content&id=SB10258

Impacted products

Name
['Mcafee McAfee Agent 5.5.0', 'Mcafee McAfee Agent 5.5.1', 'Mcafee McAfee Agent >=5.0.0，<=5.0.6']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-6703",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6703"
    }
  },
  "description": "McAfee Agent\uff08MA\uff09\u662f\u7f8e\u56fd\u8fc8\u514b\u83f2\uff08McAfee\uff09\u516c\u53f8\u7684\u4e00\u5957\u63d0\u4f9b\u4e86ePolicy Orchestrator\uff08\u6740\u6bd2\u8f6f\u4ef6\u7ba1\u7406\u5e73\u53f0\uff09\u4e0e\u88ab\u7ba1\u7406\u4ea7\u54c1\u4e4b\u95f4\u7684\u5b89\u5168\u901a\u4fe1\u7684\u5ba2\u6237\u7aef\u7ec4\u4ef6\u3002Common service\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u901a\u7528\u670d\u52a1\u7ec4\u4ef6\u3002\n\nMA 5.0.0\u7248\u672c\u81f35.0.6\u7248\u672c\u30015.5.0\u7248\u672c\u548c5.5.1\u7248\u672c\u4e2d\u7684McAfee Common service\u5b58\u5728\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684TCP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Frank Cozijnsen",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-07155",
  "openTime": "2019-03-14",
  "patchDescription": "McAfee Agent\uff08MA\uff09\u662f\u7f8e\u56fd\u8fc8\u514b\u83f2\uff08McAfee\uff09\u516c\u53f8\u7684\u4e00\u5957\u63d0\u4f9b\u4e86ePolicy Orchestrator\uff08\u6740\u6bd2\u8f6f\u4ef6\u7ba1\u7406\u5e73\u53f0\uff09\u4e0e\u88ab\u7ba1\u7406\u4ea7\u54c1\u4e4b\u95f4\u7684\u5b89\u5168\u901a\u4fe1\u7684\u5ba2\u6237\u7aef\u7ec4\u4ef6\u3002Common service\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u901a\u7528\u670d\u52a1\u7ec4\u4ef6\u3002\r\n\r\nMA 5.0.0\u7248\u672c\u81f35.0.6\u7248\u672c\u30015.5.0\u7248\u672c\u548c5.5.1\u7248\u672c\u4e2d\u7684McAfee Common service\u5b58\u5728\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u501f\u52a9\u7279\u5236\u7684TCP\u6570\u636e\u5305\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "McAfee Agent Common Service\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Mcafee McAfee Agent 5.5.0",
      "Mcafee McAfee Agent 5.5.1",
      "Mcafee McAfee Agent \u003e=5.0.0\uff0c\u003c=5.0.6"
    ]
  },
  "referenceLink": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10258",
  "serverity": "\u9ad8",
  "submitTime": "2018-12-14",
  "title": "McAfee Agent Common Service\u91ca\u653e\u540e\u91cd\u7528\u6f0f\u6d1e"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-6703 (GCVE-0-2018-6703)

FKIE_CVE-2018-6703

VAR-201812-1085

GHSA-3G76-65RH-62W4

GSD-2018-6703

CNVD-2019-07155

Tags

Sightings

Nomenclature