TrellixCVELIST:CVE-2020-7251CVE-2020-7251 ESConfig Tool able to edit configuration for newer version
5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.
CNA Affected
[
{
"product": "Mcafee Endpoint Security (ENS)",
"vendor": "McAfee, LLC",
"versions": [
{
"lessThan": "10.6.1 February 2020 update",
"status": "affected",
"version": "10.6.x",
"versionType": "custom"
}
]
}
]Related
5 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
5.4 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%