Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-3984

CWE-284Improper Access Control4 documents4 sources
Severity
5.1MEDIUM
EPSS
0.3%
top 47.54%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
7
Mcafee Active ResponseMcafee AgentMcafee Data Exchange Layer+4 more
Timeline
PublishedApr 8
Latest updateMay 17

Description

The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161, Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333), Data Exchange Layer 2.x (DXL) before 2.0.1.140.1, Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3, Endpoint Security (ENS) 10.x before 10.1, Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624, and VirusScan Enterprise (VSE) 8.8 before P

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:HExploitability: 0.8 | Impact: 4.2

Affected Packages7 packages

🔴Vulnerability Details

2
GHSA
GHSA-55vh-mg3p-5pp2: The McAfee VirusScan Console (mcconsol2022-05-17
CVEList
CVE-2016-3984: The McAfee VirusScan Console (mcconsol2016-04-08

💥Exploits & PoCs

1
Exploit-DB
McAfee VirusScan Enterprise 8.8 - Security Restrictions Bypass2016-03-07
CVE-2016-3984 (MEDIUM CVSS 5.1) | The McAfee VirusScan Console (mccon | cvebase.io