Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
certCERTVU:613886
HistoryOct 04, 2013 - 12:00 a.m.

McAfee Managed Agent contains a denial-of-service (DoS) vulnerability

2013-10-0400:00:00
www.kb.cert.org
26

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

57.6%

JSON

Overview

McAfee Managed Agent versions 4.5, 4.6, and possibly earlier versions contain a denial-of-service (DoS) vulnerability (CWE-400).

Description

CWE-400:Uncontrolled Resource Consumption (β€˜Resource Exhaustion’)

McAfee Managed Agent versions 4.5 and 4.6 contain a denial-of-service (DoS) vulnerability. McAfee Managed Agent runs a service on Windows workstations called β€œMcAfee Framework Service” (FrameworkService.exe) which runs an HTTP server on the default TCP port 8081.

By sending a crafted request an attacker can remotely crash the Windows service. This can cause the McAfee software to temporarily stop updating or provide log data until the service is manually restarted.

Impact

An unauthenticated remote attacker may be able to cause a denial-of-service against the McAfee Managed Agent software.

Solution

McAfee has released a security bulletin with the details on obtaining the security hotfix for Managed Agent 4.5 Patch 3 and Managed Agent 4.6 Patch 3. McAfee Managed Agent versions 4.8 RTW and later are not affected. If applying the security hotfix is not possible, please consider the following workaround.

Accept connections only from the ePO server
Make sure that the β€œAccept connections only from the ePO server” option is enabled in the ePO Agent policy.

Vendor Information

613886

Filter by status: All Affected Not Affected Unknown

Filter by content: __ Additional information available

__ Sort by: Status Alphabetical

Expand all

Javascript is disabled. Click here to view vendors.

McAfee Affected

Notified: September 04, 2013 Updated: October 03, 2013

Status

Affected

Vendor Statement

We have not received a statement from the vendor.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References

CVSS Metrics

Group Score Vector
Base 5 AV:N/AC:L/Au:N/C:N/I:N/A:P
Temporal 3.9 E:POC/RL:OF/RC:C
Environmental 2.9 CDP:ND/TD:M/CR:ND/IR:ND/AR:ND

References

Acknowledgements

Thanks to Rodney Beede for reporting this vulnerability.

This document was written by Adam Rauf.

Other Information

CVE IDs: CVE-2013-3627
Date Public: 2013-10-01 Date First Published:

Related

seebug 1
cve 1
nessus 2
prion 1
nvd 1
kaspersky 1
cvelist 1
seebug
seebug
McAfee Managed Agent 'FrameworkService.exe'θΏœη¨‹ζ‹’η»ζœεŠ‘ζΌζ΄ž
2013-10-10 00:00:00
cve
cve
CVE-2013-3627
2022-10-03 16:14:46
nessus
nessus
McAfee Managed Agent FrameworkService.exe Denial of Service (SB10055) (credentialed check)
2013-10-11 00:00:00
McAfee Managed Agent FrameworkService.exe HTTP Request DoS (SB10055)
2013-10-11 00:00:00
prion
prion
Design/Logic Flaw
2013-10-05 10:55:00
nvd
nvd
CVE-2013-3627
2013-10-05 10:55:03
kaspersky
kaspersky
KLA10259 DoS vulnerability in McAfee Agent
2013-10-05 00:00:00
cvelist
cvelist
CVE-2013-3627
2022-10-03 16:14:46

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.002 Low

EPSS

Percentile

57.6%

JSON
Related for VU:613886
seebug1cve1nessus2prion1nvd1kaspersky1cvelist1