CVE-2020-7324

Published: Sep 9, 2020Modified: Nov 21, 2024

6.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Exploitability: 1.8 / Impact: 4.2

Source: NVD

Description

Improper Access Control vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to bypass security mechanisms and deny access to the SYSTEM folder via incorrectly applied permissions.

Affected (1)

Products: Mcafee: Mvision Endpoint

Mcafee

1 product

Mvision Endpoint

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Mvision Endpoint	Before 20.9

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://kc.mcafee.com/corporate/index?page=content&id=SB10328

Source: trellixpsirt@trellix.com

https://kc.mcafee.com/corporate/index?page=content&id=SB10328

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.