CVE-2013-7460

{"id": "CVE-2013-7460", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2017-03-14T22:59:00.180", "references": [{"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10054", "tags": ["Patch", "Vendor Advisory"], "source": "secure@intel.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10054", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-284"}]}], "descriptions": [{"lang": "en", "value": "A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions."}, {"lang": "es", "value": "Una vulnerabilidad de elusi\u00f3n de protecci\u00f3n de escritura y ejecuci\u00f3n en McAfee (ahora Intel Security) Application Control (MAC) 6.1.0 para Linux y versiones anteriores permite a usuarios autenticados cambiar los binarios que forman parte de la lista blanca de Application Control y permite ejecuci\u00f3n de binarios a trav\u00e9s de condiciones espec\u00edficas."}], "lastModified": "2024-11-21T02:01:03.737", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:application_control:*:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "70954478-492A-4133-B9C2-763E58B39C2A", "versionEndIncluding": "6.1.0"}, {"criteria": "cpe:2.3:a:mcafee:change_control:*:*:*:*:*:linux:*:*", "vulnerable": true, "matchCriteriaId": "1FA809D9-F44D-46C8-9663-02E75574CC51", "versionEndIncluding": "6.1.0"}], "operator": "OR"}]}], "sourceIdentifier": "secure@intel.com"}