exploitDog

CVE-2009-5116

Опубликовано: 22 авг. 2012

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account.

Ссылки

https://kc.mcafee.com/corporate/index?page=content&id=SB10007
Vendor Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10007
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mcafee:linuxshield:*:*:*:*:*:*:*:*

Версия до 1.5.1 (включая)

cpe:2.3:a:mcafee:linuxshield:1.5:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.0036

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-287

Связанные уязвимости

GHSA-4r8g-96wp-vqm6

github

почти 4 года назад

McAfee LinuxShield 1.5.1 and earlier does not properly implement client authentication, which allows remote authenticated users to obtain Admin access to the statistics server by leveraging a client account.

EPSS

Процентиль: 58%

0.0036

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-287