McAfee Client Proxy is prone to a local authentication-bypass vulnerability. An attacker can exploit this issue to bypass the authentication mechanism. This may aid in further attacks. McAfee Client Proxy (MCP) versions prior to 3.0.0 are vulnerable.
Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Ensure that only trusted users have local, interactive access to affected computers.
Updates are available. Please see the references or vendor advisory for more information.
CPE | Name | Operator | Version |
---|---|---|---|
mcafee client proxy | eq | 2.3.0 | |
mcafee client proxy | eq | 2.4.0 | |
mcafee client proxy | eq | 2.5.0 |