Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2008-1357 — Use of Externally-Controlled Format String in Agent

CWE-134 — Use of Externally-Controlled Format String4 documents4 sources

Severity

5.4MEDIUMNVD

EPSS

27.9%

top 3.53%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Mcafee Agent Mcafee CMA Mcafee Epolicy Orchestrator +1 more

Timeline

PublishedMar 17

Latest updateMay 1

Description

Format string vulnerability in the logDetail function of applib.dll in McAfee Common Management Agent (CMA) 3.6.0.574 (Patch 3) and earlier, as used in ePolicy Orchestrator 4.0.0 build 1015, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in a sender field in an AgentWakeup request to UDP port 8082. NOTE: this issue only exists when the debug level is 8.

CVSS vector

AV:N/AC:H/C:N/I:N/A:CExploitability: 4.9 | Impact: 6.9

Affected Packages4 packages

▶NVDmcafee/epolicy_orchestrator4.0

▶NVDmcafee/agent4.0

▶NVDmcafee/cma6 versions+5

▶NVDmcafee/mcafee_framework3.6.569

🔴Vulnerability Details

GHSA

GHSA-99j6-ph5x-xqmj: Format string vulnerability in the logDetail function of applib↗2022-05-01

▶

CVEList

CVE-2008-1357: Format string vulnerability in the logDetail function of applib↗2008-03-17

▶

💥Exploits & PoCs

Exploit-DB

McAfee Framework ePolicy 3.x - Orchestrator '_naimcomn_Log' Remote Format String↗2008-03-12

▶