CVE-2017-3896

Published: Feb 13, 2017Modified: May 13, 2026

5.9

Vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.2 / Impact: 3.6

Source: NVD

Description

Unvalidated parameter vulnerability in the remote log viewing capability in Intel Security McAfee Agent 5.0.x versions prior to 5.0.4.449 allows remote attackers to pass unexpected input parameters via a URL that was not completely validated.

Affected (5)

Products: Mcafee: Mcafee Agent

1 product

Configuration A

5 vulnerable

Vulnerable Software	Affected Versions
Mcafee Mcafee Agent	Version 5.0.0
Mcafee Mcafee Agent	Version 5.0.1
Mcafee Mcafee Agent	Version 5.0.2
Mcafee Mcafee Agent	Version 5.0.3
Mcafee Mcafee Agent	Version 5.0.4

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (6)

http://www.securityfocus.com/bid/95903

Source: secure@intel.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037629

Source: secure@intel.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10183

Source: secure@intel.com

Vendor Advisory

http://www.securityfocus.com/bid/95903

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1037629

Source: af854a3a-2127-422b-91ae-364da2661108

https://kc.mcafee.com/corporate/index?page=content&id=SB10183

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.