CVE-2015-8987

CWE-284Improper Access Control3 documents3 sources
Severity
5.3MEDIUM
EPSS
0.1%
top 65.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee AgentIntel Agent (ma)
Timeline
PublishedMar 14
Latest updateMay 17

Description

Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make a McAfee Agent talk with another, possibly rogue, ePO server via McAfee Agent migration to another ePO server.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

NVDmcafee/agent4.8.0
CVEListV5intel/agent_(ma)4.8.0 patch 2 and earlier

Patches

Patch: kc.mcafee.comPatch: kc.mcafee.com

🔴Vulnerability Details

2
GHSA
GHSA-84v3-8746-q3rg: Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 42022-05-17
CVEList
CVE-2015-8987: Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 42017-03-14
CVE-2015-8987 (MEDIUM CVSS 5.3) | Man-in-the-middle (MitM) attack vul | cvebase.io