CVE-2020-7290

CWE-274CWE-269Improper Privilege Management3 documents3 sources
Severity
7.8HIGH
EPSS
0.0%
top 85.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Mcafee,llc Mcafee Active Response (mar) FOR LinuxMcafee Active Response
Timeline
PublishedMay 8
Latest updateMay 24

Description

Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 2.4.3 Hotfix 1 allows a malicious script or program to perform functions that the local executing user has not been granted access to.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:HExploitability: 1.1 | Impact: 6.0

Affected Packages2 packages

CVEListV5mcafee,llc/mcafee_active_response_(mar)_for_linux2.4.x2.4.3 Hotfix 1
NVDmcafee/active_response< 2.4.3+1

🔴Vulnerability Details

2
GHSA
GHSA-qq76-xxp3-9gp3: Privilege Escalation vulnerability in McAfee Active Response (MAR) for Linux prior to 22022-05-24
CVEList
Privilege Escalation vulnerability in MAR for Linux2020-05-08
CVE-2020-7290 (HIGH CVSS 7.8) | Privilege Escalation vulnerability | cvebase.io