CVE-2020-7267

Опубликовано: 08 мая 2020

Источник: nvd

CVSS3: 8.8

CVSS3: 8.4

CVSS2: 3.6

EPSS Низкий

Описание

Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:-:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch1:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch10:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch11:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch12:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch13:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch2:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch3:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch4:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch5:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch6:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch7:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch8:*:*:*:windows:*:*

cpe:2.3:a:mcafee:virusscan_enterprise:8.8:patch9:*:*:*:windows:*:*

EPSS

Процентиль: 10%

0.00035

Низкий

8.8 High

CVSS3

8.4 High

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-274

CWE-269

Связанные уязвимости

GHSA-2f9x-cj33-r657

github

больше 3 лет назад

EPSS

Процентиль: 10%

0.00035

Низкий

8.8 High

CVSS3

8.4 High

CVSS3

3.6 Low

CVSS2

Дефекты

CWE-274

CWE-269