CVE-2021-31836

Published: Sep 22, 2021Modified: Nov 21, 2024

7.1

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Exploitability: 1.8 / Impact: 5.2

Source: NVD

Description

Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to gain access to sensitive information. The utility was able to be run from any location on the file system and by a low privileged user.

Affected (1)

Products: Mcafee: Mcafee Agent

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Mcafee Mcafee Agent	Before 5.7.4

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://kc.mcafee.com/corporate/index?page=content&id=SB10369

Source: trellixpsirt@trellix.com

Broken Link

https://kc.mcafee.com/corporate/index?page=content&id=SB10369

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.