CVE-2021-23882

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*

History

21 Nov 2024, 05:51

Type Values Removed Values Added
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Broken Link, Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Broken Link, Vendor Advisory
CVSS v2 : 1.9
v3 : 4.4
v2 : 1.9
v3 : 8.2

16 Nov 2023, 02:43

Type Values Removed Values Added
References () https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - () https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Broken Link, Vendor Advisory
CWE NVD-CWE-Other

07 Nov 2023, 03:30

Type Values Removed Values Added
References (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Vendor Advisory () https://kc.mcafee.com/corporate/index?page=content&id=SB10345 -
CWE CWE-269

Information

Published : 2021-02-10 10:15

Updated : 2024-11-21 05:51


NVD link : CVE-2021-23882

Mitre link : CVE-2021-23882

CVE.ORG link : CVE-2021-23882


JSON object : View

Products Affected

mcafee

  • endpoint_security
CWE
CWE-269

Improper Privilege Management

NVD-CWE-Other