CVE-2021-31843 : Improper privileges management vulnerability in McAfee Endpoint Security (ENS) W

Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended location.

Published 2021-09-17 14:15:08

Updated 2023-02-16 02:54:29

Source McAfee (DEFUNCT)

View at NVD, CVE.org

Products affected by CVE-2021-31843

Mcafee » Endpoint Security » For Windows
Versions before (<) 10.7.0
cpe:2.3:a:mcafee:endpoint_security:*:*:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update February 2020 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2020:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update July 2020 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:july_2020:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update November 2020 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:november_2020:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update September 2020 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:september_2020:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:-:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update April 2020 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2020:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update April 2021 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:april_2021:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update February 2021 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:february_2021:*:*:*:windows:*:*
Matching versions
Mcafee » Endpoint Security » Version: 10.7.0 Update June 2021 For Windows
cpe:2.3:a:mcafee:endpoint_security:10.7.0:june_2021:*:*:*:windows:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2021-31843

EPSS FAQ

0.10%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 25 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-31843

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H	1.8	5.9	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
7.3	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H	1.3	5.9	McAfee (DEFUNCT)
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: Required Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2021-31843

CWE-59 Improper Link Resolution Before File Access ('Link Following')

The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.
Assigned by:
- nvd@nist.gov (Secondary)
- psirt@mcafee.com (Primary)

References for CVE-2021-31843

https://kc.mcafee.com/corporate/index?page=content&id=SB10367

Security Bulletin - Endpoint Security for Windows update fixes two vulnerabilities (CVE-2021-31843, CVE-2021-31842) and updates the cURL library
Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2021-31843

Products affected by CVE-2021-31843

Exploit prediction scoring system (EPSS) score for CVE-2021-31843

CVSS scores for CVE-2021-31843

CWE ids for CVE-2021-31843

References for CVE-2021-31843