Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-8016

CWE-200Information Exposure4 documents4 sources
Severity
3.4LOW
EPSS
9.8%
top 7.02%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Mcafee Virusscan EnterpriseIntel Virusscan Enterprise Linux (vsel)
Timeline
PublishedMar 14
Latest updateMay 17

Description

Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier) allows authenticated remote attackers to obtain the existence of unauthorized files on the system via a URL parameter.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:N/A:NExploitability: 1.7 | Impact: 1.4

Affected Packages2 packages

CVEListV5intel/virusscan_enterprise_linux_(vsel)2.0.3 (and earlier)

🔴Vulnerability Details

2
GHSA
GHSA-w7mx-gfjp-xx9c: Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 22022-05-17
CVEList
CVE-2016-8016: Information exposure in Intel Security VirusScan Enterprise Linux (VSEL) 22017-03-14

💥Exploits & PoCs

1
Exploit-DB
McAfee Virus Scan Enterprise for Linux 1.9.2 < 2.0.2 - Remote Code Execution2016-12-13
CVE-2016-8016 (LOW CVSS 3.4) | Information exposure in Intel Secur | cvebase.io