exploitDog

CVE-2022-43751

Опубликовано: 23 нояб. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges.

Ссылки

https://mcafee.com
Product
https://www.mcafee.com/support/?articleId=TS103348&page=shell&shell=article-view
Vendor Advisory
https://mcafee.com
Product
https://www.mcafee.com/support/?articleId=TS103348&page=shell&shell=article-view
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mcafee:total_protection:*:*:*:*:*:*:*:*

Версия до 16.0.49 (исключая)

EPSS

Процентиль: 23%

0.00073

Низкий

7.8 High

CVSS3

Дефекты

CWE-427

CWE-427

Связанные уязвимости

GHSA-gmr7-jhwx-3h3j

CVSS3: 7.8

github

около 3 лет назад

McAfee Total Protection prior to version 16.0.49 contains an uncontrolled search path element vulnerability due to the use of a variable pointing to a subdirectory that may be controllable by an unprivileged user. This may have allowed the unprivileged user to execute arbitrary code with system privileges.

EPSS

Процентиль: 23%

0.00073

Низкий

7.8 High

CVSS3

Дефекты

CWE-427

CWE-427