Описание
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.
Уязвимые конфигурации
Конфигурация 1Версия до 10.7.0 (исключая)
Одно из
cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:-:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2020:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2021:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2020:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2021:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:july_2020:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:june_2021:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:november_2020:*:*:*:windows:*:*
cpe:2.3:a:mcafee:endpoint_security:10.7.0:september_2020:*:*:*:windows:*:*
EPSS
Процентиль: 10%
0.00034
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-59
CWE-59
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.
EPSS
Процентиль: 10%
0.00034
Низкий
7.3 High
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-59
CWE-59