Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-7278

Опубликовано: 15 апр. 2020
Источник: nvd
CVSS3: 7.4
CVSS3: 6.5
CVSS2: 4
EPSS Низкий

Описание

Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:mcafee:endpoint_security:10.5.0:*:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.5.1:*:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.5.2:*:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.5.3:*:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.5.4:*:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.5.5:*:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.6.0:*:*:*:*:windows:*:*

EPSS

Процентиль: 36%
0.00155
Низкий

7.4 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-284
CWE-862

Связанные уязвимости

github логотип

GHSA-988q-42c6-39xw

github
больше 3 лет назад

Exploiting incorrectly configured access control security levels vulnerability in ENS Firewall in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 and 10.6.1 April 2020 updates allows remote attackers and local users to allow or block unauthorized traffic via pre-existing rules not being handled correctly when updating to the February 2020 updates.

EPSS

Процентиль: 36%
0.00155
Низкий

7.4 High

CVSS3

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

CWE-284
CWE-862