CVE-2021-23882

Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade.

CVSS v3 8.2 HIGH
CVSS v2.0 1.9 LOW

8.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.5 / Impact : 6.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

1.9^/10

CVSS v2.0 : LOW

Vector : AV:L/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 3.4 / Impact : 2.9

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://kc.mcafee.com/corporate/index?page=content&id=SB10345	Broken Link Vendor Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10345	Broken Link Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*

History

21 Nov 2024, 05:51

Type	Values Removed	Values Added
References	~~() https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Broken Link, Vendor Advisory~~	() https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Broken Link, Vendor Advisory
CVSS	v2 : ~~1.9~~ v3 : ~~4.4~~	v2 : 1.9 v3 : 8.2

16 Nov 2023, 02:43

Type	Values Removed	Values Added
References	~~() https://kc.mcafee.com/corporate/index?page=content&id=SB10345 -~~	() https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Broken Link, Vendor Advisory
CWE		NVD-CWE-Other

07 Nov 2023, 03:30

Type	Values Removed	Values Added
References	~~(CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10345 - Vendor Advisory~~	() https://kc.mcafee.com/corporate/index?page=content&id=SB10345 -
CWE	~~CWE-269~~

Information

Published : 2021-02-10 10:15

Updated : 2024-11-21 05:51

NVD link : CVE-2021-23882

Mitre link : CVE-2021-23882

CVE.ORG link : CVE-2021-23882

JSON object : View

Products Affected

mcafee

endpoint_security

CWE

CWE-269

Improper Privilege Management

NVD-CWE-Other

{"id": "CVE-2021-23882", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 1.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.5}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 0.8}]}, "published": "2021-02-10T10:15:13.363", "references": [{"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", "tags": ["Broken Link", "Vendor Advisory"], "source": "trellixpsirt@trellix.com"}, {"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10345", "tags": ["Broken Link", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-269"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade."}, {"lang": "es", "value": "Una vulnerabilidad de Control de Acceso Inapropiado en McAfee Endpoint Security (ENS) para Windows versiones anteriores a 10.7.0 actualizaci\u00f3n de Febrero de 2021, permite a administradores locales impedir la instalaci\u00f3n de algunos archivos ENS al colocar archivos cuidadosamente dise\u00f1ados donde ser\u00e1 instalado ENS. Esto solo se aplica a instalaciones limpias de ENS, ya que las reglas de Control de Acceso impedir\u00e1n modificaciones antes de llevar a cabo una actualizaci\u00f3n"}], "lastModified": "2024-11-21T05:51:59.840", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*", "vulnerable": true, "matchCriteriaId": "CA4CEE25-A297-4D69-8CF8-5425875B206A", "versionEndExcluding": "10.7.0"}], "operator": "OR"}]}], "sourceIdentifier": "trellixpsirt@trellix.com"}