CVE-2009-5115

CWE-2643 documents3 sources
Severity
6.5MEDIUM
EPSS
0.4%
top 39.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Mcafee Common Management Agent
Timeline
PublishedAug 22
Latest updateMay 2

Description

McAfee Common Management Agent (CMA) 3.5.5 through 3.5.5.588 and 3.6.0 through 3.6.0.608, and McAfee Agent 4.0 before Patch 3, allows remote authenticated users to overwrite arbitrary files by accessing a report-writing ActiveX control COM object.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

NVDmcafee/common_management_agent12 versions+11

🔴Vulnerability Details

2
GHSA
GHSA-6ggm-pwph-pqv3: McAfee Common Management Agent (CMA) 32022-05-02
CVEList
CVE-2009-5115: McAfee Common Management Agent (CMA) 32012-08-22
CVE-2009-5115 (MEDIUM CVSS 6.5) | McAfee Common Management Agent (CMA | cvebase.io