Lucene search

[email protected]NVD:CVE-2021-31839

HistoryJun 10, 2021 - 5:15 p.m.

CVE-2021-31839

2021-06-1017:15:08

CWE-269

[email protected]

web.nvd.nist.gov

mcafee agent

windows

privilege management

vulnerability

event logs

modification

manipulation

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

5.1%

JSON

Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the ePO server.

Affected configurations

Nvd

Node

mcafeeagentRange5.0.0–5.7.3windows

VendorProductVersionCPE
mcafeeagent*cpe:2.3:a:mcafee:agent:*:*:*:*:*:windows:*:*

Vendor	Product	Version	CPE
mcafee	agent	*	cpe:2.3:a:mcafee:agent::::::windows::*

References

kc.mcafee.com/corporate/index?page=content&id=SB10362

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

CVSS3

3.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

Percentile

5.1%

JSON

Related for NVD:CVE-2021-31839

prion1 cve1 cvelist1 nessus1