exploitDog

CVE-2023-0221

Опубликовано: 13 янв. 2023

Источник: nvd

CVSS3: 4.4

CVSS3: 4.4

EPSS Низкий

Описание

Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program.

Ссылки

https://kcm.trellix.com/corporate/index?page=content&id=SB10370
Mitigation
Vendor Advisory
https://kcm.trellix.com/corporate/index?page=content&id=SB10370
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mcafee:application_and_change_control:*:*:*:*:*:*:*:*

Версия до 8.3.4 (исключая)

EPSS

Процентиль: 16%

0.00052

Низкий

4.4 Medium

CVSS3

4.4 Medium

CVSS3

Дефекты

CWE-269

CWE-269

Связанные уязвимости

GHSA-2q53-9vqw-6g35

CVSS3: 4.4

github

около 3 лет назад

Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program.

EPSS

Процентиль: 16%

0.00052

Низкий

4.4 Medium

CVSS3

4.4 Medium

CVSS3

Дефекты

CWE-269

CWE-269