Lucene search

TrellixCVELIST:CVE-2018-6693

HistorySep 18, 2018 - 10:00 p.m.

CVE-2018-6693 Endpoint Security for Linux Threat Prevention (ENSLTP) privilege escalation vulnerability

2018-09-1822:00:00

CWE-363

CWE-274

trellix

www.cve.org

CVSS3

5.6

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

LOW

CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:L

EPSS

Percentile

12.6%

JSON

An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. By exploiting a time of check to time of use (TOCTOU) race condition during a specific scanning sequence, the unprivileged user is able to perform a privilege escalation to delete arbitrary files.

CNA Affected

[
  {
    "platforms": [
      "x86"
    ],
    "product": " Endpoint Security for Linux Threat Prevention (ENSLTP)",
    "vendor": "McAfee",
    "versions": [
      {
        "status": "affected",
        "version": "10.5.0"
      },
      {
        "status": "affected",
        "version": "10.5.1 10.5.0"
      },
      {
        "lessThanOrEqual": "10.2.3 Hotfix 1246778",
        "status": "affected",
        "version": "10.2.3 Hotfix 1246778",
        "versionType": "custom"
      }
    ]
  }
]

References

kc.mcafee.com/corporate/index?page=content&id=SB10248