CVE-2016-8010 — Improper Access Control in Application Control

CWE-284 — Improper Access Control3 documents3 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 85.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Application Control Mcafee Endpoint Security Intel Mcafee Application Control

Timeline

PublishedMar 14

Latest updateMay 17

Description

Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7.0 and earlier and Endpoint Security (ENS) 10.2 and earlier allows local users to bypass local security protection via a command-line utility.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶NVDmcafee/endpoint_security10.2

▶CVEListV5intel/mcafee_application_control7.0

▶NVDmcafee/application_control7.0.0

🔴Vulnerability Details

GHSA

GHSA-pq6q-wr9f-vgj5: Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7↗2022-05-17

▶

CVEList

CVE-2016-8010: Application protections bypass vulnerability in Intel Security McAfee Application Control (MAC) 7↗2017-03-14

▶