Lucene search

TrellixCVELIST:CVE-2021-31839

HistoryJun 10, 2021 - 4:15 p.m.

CVE-2021-31839 Incorrect permissions on McAfee Agent for Windows event folder

2021-06-1016:15:13

CWE-269

trellix

www.cve.org

mcafee agent

windows

permissions

vulnerability

event folder

false events

event logs

epo server

CVSS3

4.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

AI Score

5.8

Confidence

High

EPSS

Percentile

5.1%

JSON

Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the ePO server.

CNA Affected

[
  {
    "platforms": [
      "Windows"
    ],
    "product": "McAfee Agent for Windows",
    "vendor": "McAfee,LLC",
    "versions": [
      {
        "lessThan": "5.7.3",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

References

kc.mcafee.com/corporate/index?page=content&id=SB10362