CVE-2012-4593Application Control vulnerability

CWE-2643 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 53.88%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee Application ControlMcafee Change Control
Timeline
PublishedAug 22
Latest updateMay 17

Description

McAfee Application Control and Change Control 5.1.x and 6.0.0 do not enforce an intended password requirement in certain situations involving attributes of the password file, which allows local users to bypass authentication by executing a command.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

NVDmcafee/change_control4 versions+3
NVDmcafee/application_control4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-v588-9f3r-74vj: McAfee Application Control and Change Control 52022-05-17
CVEList
CVE-2012-4593: McAfee Application Control and Change Control 52012-08-22
CVE-2012-4593 — Mcafee vulnerability | cvebase