CVE-2018-6706

Published: Dec 12, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.

Affected (3)

Products: Mcafee: Agent

Mcafee

1 product

Agent

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Mcafee Agent	From 5.0.0 to 5.0.6
Mcafee Agent	Version 5.5.0
Mcafee Agent	Version 5.5.1

Related CWEs

CWE-377

Insecure Temporary File

Creating and using insecure temporary files can leave application and system data vulnerable to attack.

References (4)

http://www.securityfocus.com/bid/106328

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10260

Source: trellixpsirt@trellix.com

http://www.securityfocus.com/bid/106328

Source: af854a3a-2127-422b-91ae-364da2661108

https://kc.mcafee.com/corporate/index?page=content&id=SB10260

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.