CVE-2014-8518

{"id": "CVE-2014-8518", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 2.1, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-10-29T14:55:04.297", "references": [{"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10089", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-255"}]}], "descriptions": [{"lang": "en", "value": "The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack."}, {"lang": "es", "value": "Las opciones de acceso fuera del sitio de cifrado de (1) Removable Media y (2) CD and DVD (anteriormente Endpoint Encryption for Removable Media o EERM) en File and Removable Media Protection (FRP) versiones 4.3.0.x, y Endpoint Encryption for Files and Folders (EEFF) versiones 3.2.x hasta 4.2.x de McAfee, utiliza una sal embebida, lo que facilita a los usuarios locales obtener contrase\u00f1as por medio de un ataque de fuerza bruta."}], "lastModified": "2014-11-19T03:03:01.713", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CD050E5-D165-4440-B3EC-DC0342D87A50"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "045EC46E-EBD0-4C21-90C8-AD46981ED761"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DD491B8D-D366-44A7-922E-CC4690CA610B"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.4.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8253DF88-4CD3-47F1-A4AA-311F2C335F3D"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3A36D134-FEF4-4350-8AAA-908E85699230"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BCA2B741-791F-42A2-AFE5-BCFED5347687"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.6.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "89CC1C16-4651-44E9-896D-C390664D5F14"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "88763220-3404-4C9F-8211-9FAD8FDCD7C2"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4D872198-3C2C-4084-9E19-4672AEF7A1D3"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2406F8D7-7BC6-4A11-A8E2-DBB2B40A71D6"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:3.2.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "33964367-926B-4A4E-BECC-866624FE98AD"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:4.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7BB2C186-D4A8-42F1-8C11-0ECE3FD90E7C"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:4.0.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F166AE48-0D5E-4258-884B-FCBE8EDF9471"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:4.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F02C85B9-6E57-4D0C-94C2-42373E3605A1"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:4.0.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B1DC88AC-B8C2-4904-8953-AE4898BFD090"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:4.1.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BB05E06-4A9B-43FB-AFB1-CF0B0B1736FD"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:4.1.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CDC0BE36-042D-4C51-8657-6E3ED047C0A0"}, {"criteria": "cpe:2.3:a:mcafee:endpoint_encryption_for_files_and_folders:4.2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "423A4FC7-6151-4955-969E-2817A409A5CB"}, {"criteria": "cpe:2.3:a:mcafee:file_and_removable_media_protection:4.3.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8BC4C57-D216-4A97-BABC-89FC3ECF2859"}, {"criteria": "cpe:2.3:a:mcafee:file_and_removable_media_protection:4.3.0.224:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0F902F6C-632C-48A2-86E2-A1B6B911283D"}, {"criteria": "cpe:2.3:a:mcafee:file_and_removable_media_protection:4.3.0.243:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DE6BFD69-30FA-4C55-A81A-3383EC45D1D5"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}