CVE-2015-8024 : McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manag

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and Enterprise Security Manager/Receiver (ESMREC) 9.3.x before 9.3.2MR19, 9.4.x before 9.4.2MR9, and 9.5.x before 9.5.0MR8, when configured to use Active Directory or LDAP authentication sources, allow remote attackers to bypass authentication by logging in with the username "NGCP|NGCP|NGCP;" and any password.

Published 2015-12-02 16:59:00

Updated 2016-12-07 18:25:59

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2015-8024

Probability of exploitation activity in the next 30 days: 0.88%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 80 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2015-8024

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	NIST
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2015-8024

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2015-8024

http://www.quantumleap.it/mcafee-siem-esm-esmrec-and-esmlm-authentication-bypass-vulnerability/

McAfee SIEM ESM, ESMREC, and ESMLM Authentication Bypass vulnerability - Quantum leap
https://kc.mcafee.com/corporate/index?page=content&id=SB10137

Vendor Advisory
http://www.securitytracker.com/id/1034288

McAfee Enterprise Security Manager Lets Remote Users Bypass Authentication on the Target System - SecurityTracker

Products affected by CVE-2015-8024

Mcafee » Mcafee Enterprise Security Manager » Version: 9.3.2
cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.2:*:*:*:*:*:*:*
Matching versions
Mcafee » Mcafee Enterprise Security Manager » Version: 9.3.1
cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.1:*:*:*:*:*:*:*
Matching versions
Mcafee » Mcafee Enterprise Security Manager » Version: 9.3.0
cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.3.0:*:*:*:*:*:*:*
Matching versions
Mcafee » Mcafee Enterprise Security Manager » Version: 9.4.0
cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.0:*:*:*:*:*:*:*
Matching versions
Mcafee » Mcafee Enterprise Security Manager » Version: 9.4.1
cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.1:*:*:*:*:*:*:*
Matching versions
Mcafee » Mcafee Enterprise Security Manager » Version: 9.4.2
cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.4.2:*:*:*:*:*:*:*
Matching versions
Mcafee » Mcafee Enterprise Security Manager » Version: 9.5.0
cpe:2.3:a:mcafee:mcafee_enterprise_security_manager:9.5.0:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2015-8024

Exploit prediction scoring system (EPSS) score for CVE-2015-8024

CVSS scores for CVE-2015-8024

CWE ids for CVE-2015-8024

References for CVE-2015-8024

Products affected by CVE-2015-8024