CVE-2015-3987

{"id": "CVE-2015-3987", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2015-05-14T14:59:14.507", "references": [{"url": "http://www.securityfocus.com/bid/74685", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "http://www.securitytracker.com/id/1032244", "tags": ["Third Party Advisory", "VDB Entry"], "source": "cve@mitre.org"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10115", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/74685", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id/1032244", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10115", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-426"}]}], "descriptions": [{"lang": "en", "value": "Multiple unquoted Windows search path vulnerabilities in the (1) Client Management and (2) Gateway in McAfee ePO Deep Command 2.1 and 2.2 before HF 1058831 allow local users to gain privileges via unspecified vectors."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de ruta no confiable en la b\u00fasqueda no literal de Windows en el (1) Client Management y (2) Gateway en McAfee ePO Deep Command 2.1 y 2.2 anterior a HF 1058831 permite a usuarios locales ganar privilegios mediante vectores desconocidos."}], "lastModified": "2024-11-21T02:30:12.770", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:epo_deep_command:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9F100FC-C6E9-4972-9892-73D44BEE0792"}, {"criteria": "cpe:2.3:a:mcafee:epo_deep_command:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD1FD9A2-7761-4170-9C53-388CC07E03BB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}