CVE-2018-6707

CWE-400 — Uncontrolled Resource Consumption3 documents3 sources

Severity

7.0HIGH

EPSS

0.0%

top 88.90%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mcafee Mcafee Agent (ma) Non-windows Non-windows Versions Mcafee Agent

Timeline

PublishedDec 14

Latest updateMay 13

Description

Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism.

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:N/A:LExploitability: 0.6 | Impact: 2.7

Affected Packages2 packages

▶CVEListV5mcafee/mcafee_agent_(ma)_non-windows_non-windows_versions5.0.0 — 5.0.0*+3

▶NVDmcafee/agent5.0.0 — 5.0.6+2

🔴Vulnerability Details

GHSA

GHSA-4526-pqcm-97mm: Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5↗2022-05-13

▶

CVEList

McAfee Agent Insecure usage of temporary files vulnerability↗2018-12-13

▶