| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2022-1257 |
922 |
|
|
2022-04-14 |
2022-04-23 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files. |
|
2 |
CVE-2021-31842 |
776 |
|
DoS |
2021-09-17 |
2022-05-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
XML Entity Expansion injection vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2021 Update allows a local user to initiate high CPU and memory consumption resulting in a Denial of Service attack through carefully editing the EPDeploy.xml file and then executing the setup process. |
|
3 |
CVE-2021-31839 |
269 |
|
|
2021-06-10 |
2021-06-15 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the ePO server. |
|
4 |
CVE-2021-23896 |
319 |
|
|
2021-06-02 |
2021-06-11 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
|
Cleartext Transmission of Sensitive Information vulnerability in the administrator interface of McAfee Database Security (DBSec) prior to 4.8.2 allows an administrator to view the unencrypted password of the McAfee Insights Server used to pass data to the Insights Server. This user is restricted to only have access to DBSec data in the Insights Server. |
|
5 |
CVE-2021-23884 |
319 |
|
|
2021-04-15 |
2021-04-21 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
|
Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter (CSR) prior to 2.8.0 allows an ePO administrator to view the unencrypted password of the McAfee Web Gateway (MWG) or the password of the McAfee Web Gateway Cloud Server (MWGCS) read only user used to retrieve log files for analysis in CSR. |
|
6 |
CVE-2021-23880 |
269 |
|
|
2021-02-10 |
2021-02-12 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Improper Access Control in attribute in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows authenticated local administrator user to perform an uninstallation of the anti-malware engine via the running of a specific command with the correct parameters. |
|
7 |
CVE-2020-13938 |
862 |
|
|
2021-06-10 |
2022-04-15 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows |
|
8 |
CVE-2020-7343 |
862 |
|
|
2021-01-18 |
2021-01-26 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files. |
|
9 |
CVE-2020-7322 |
532 |
|
|
2020-09-09 |
2022-05-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Information Disclosure Vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local users to gain access to sensitive information via incorrectly logging of sensitive information in debug logs. |
|
10 |
CVE-2020-7320 |
|
|
|
2020-09-09 |
2020-09-11 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Protection Mechanism Failure vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 September 2020 Update allows local administrator to temporarily reduce the detection capability allowing otherwise detected malware to run via stopping certain Microsoft services. |
|
11 |
CVE-2020-7318 |
79 |
|
XSS |
2020-10-14 |
2020-12-23 |
2.3 |
None |
Local Network |
Medium |
??? |
None |
Partial |
None |
|
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized. |
|
12 |
CVE-2020-7317 |
79 |
|
XSS |
2020-10-14 |
2020-10-19 |
2.3 |
None |
Local Network |
Medium |
??? |
None |
Partial |
None |
|
Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed. |
|
13 |
CVE-2020-7307 |
522 |
|
|
2020-08-13 |
2022-06-01 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials. |
|
14 |
CVE-2020-7306 |
522 |
|
|
2020-08-13 |
2022-07-01 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text |
|
15 |
CVE-2020-7303 |
79 |
|
XSS |
2020-08-13 |
2020-08-14 |
2.3 |
None |
Local Network |
Medium |
??? |
None |
Partial |
None |
|
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new label. |
|
16 |
CVE-2020-7297 |
287 |
|
|
2020-09-16 |
2022-07-01 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
|
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface. |
|
17 |
CVE-2020-7296 |
287 |
|
|
2020-09-15 |
2022-01-06 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
|
Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface. |
|
18 |
CVE-2020-7273 |
269 |
|
|
2020-04-15 |
2020-04-20 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Accessing functionality not properly constrained by ACLs vulnerability in the autorun start-up protection in McAfee Endpoint Security (ENS) for Windows Prior to 10.7.0 April 2020 Update allows local users to delete or rename programs in the autorun key via manipulation of some parameters. |
|
19 |
CVE-2020-7262 |
200 |
|
+Info |
2020-06-22 |
2022-07-01 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Improper Access Control vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.10.0 allows local users to view sensitive files via a carefully crafted HTTP request parameter. |
|
20 |
CVE-2020-7261 |
120 |
|
Overflow |
2020-04-15 |
2020-04-20 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input. |
|
21 |
CVE-2020-7253 |
20 |
|
|
2020-03-12 |
2020-03-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protection via a McAfee supplied command-line utility. |
|
22 |
CVE-2020-7251 |
863 |
|
|
2020-02-14 |
2020-02-27 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS. |
|
23 |
CVE-2020-0543 |
459 |
|
|
2020-06-15 |
2022-04-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. |
|
24 |
CVE-2019-3663 |
522 |
|
|
2019-11-14 |
2020-01-07 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Unprotected Storage of Credentials vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8 allows local attacker to gain access to the root password via accessing sensitive files on the system. This was originally published with a CVSS rating of High, further investigation has resulted in this being updated to Critical. The root password is common across all instances of ATD prior to 4.8. See the Security bulletin for further details |
|
25 |
CVE-2019-3653 |
|
|
|
2019-10-09 |
2020-10-16 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Improper access control vulnerability in Configuration tool in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to gain access to security configuration via unauthorized use of the configuration tool. |
|
26 |
CVE-2019-3615 |
200 |
|
+Info |
2019-03-12 |
2020-08-24 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Data Leakage Attacks vulnerability in the web interface in McAfee Database Security prior to the 4.6.6 March 2019 update allows local users to expose passwords via incorrectly auto completing password fields in the admin browser login screen. |
|
27 |
CVE-2019-3612 |
312 |
|
|
2019-04-10 |
2023-02-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Information Disclosure vulnerability in McAfee DXL Platform and TIE Server in DXL prior to 5.0.1 HF2 and TIE prior to 2.3.1 HF1 allows Authenticated users to view sensitive information in plain text via the GUI or command line. |
|
28 |
CVE-2019-2766 |
|
|
|
2019-07-23 |
2022-10-06 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 7u221, 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). |
|
29 |
CVE-2015-8577 |
264 |
|
Overflow Bypass |
2015-12-16 |
2016-05-26 |
2.6 |
None |
Local |
High |
Not required |
Partial |
Partial |
None |
|
The Buffer Overflow Protection (BOP) feature in McAfee VirusScan Enterprise before 8.8 Patch 6 allocates memory with Read, Write, Execute (RWX) permissions at predictable addresses on 32-bit platforms when protecting another application, which allows attackers to bypass the DEP and ASLR protection mechanisms via unspecified vectors. |
|
30 |
CVE-2015-7238 |
264 |
|
+Info |
2015-09-18 |
2015-09-22 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The Secondary server in Threat Intelligence Exchange (TIE) before 1.2.0 uses weak permissions for unspecified (1) configuration files and (2) installation logs, which allows local users to obtain sensitive information by reading the files. |
|
31 |
CVE-2014-8537 |
200 |
|
+Info |
2014-10-29 |
2017-09-08 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading the logs. |
|
32 |
CVE-2014-8536 |
200 |
|
+Info |
2014-10-29 |
2017-09-08 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to obtain sensitive information by reading unspecified error messages. |
|
33 |
CVE-2014-8534 |
|
|
DoS |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in the login form in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to cause a denial of service via a crafted value in the domain field. |
|
34 |
CVE-2014-8529 |
310 |
|
+Info |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 stores the SSH key in cleartext, which allows local users to obtain sensitive information via unspecified vectors. |
|
35 |
CVE-2014-8528 |
200 |
|
+Info |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 logs session IDs, which allows local users to obtain sensitive information by reading the audit log. |
|
36 |
CVE-2014-8526 |
200 |
|
+Info |
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee Network Data Loss Prevention (NDLP) before 9.3 allows local users to obtain sensitive information by reading a Java stack trace. |
|
37 |
CVE-2014-8519 |
|
|
|
2014-10-29 |
2014-10-30 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.2.2 allows local users to read arbitrary files via unknown vectors. |
|
38 |
CVE-2014-8518 |
255 |
|
|
2014-10-29 |
2014-11-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The (1) Removable Media and (2) CD and DVD encryption offsite access options (formerly Endpoint Encryption for Removable Media or EERM) in McAfee File and Removable Media Protection (FRP) 4.3.0.x, and Endpoint Encryption for Files and Folders (EEFF) 3.2.x through 4.2.x, uses a hard-coded salt, which makes it easier for local users to obtain passwords via a brute force attack. |
|
39 |
CVE-2013-7461 |
284 |
|
Bypass |
2017-03-14 |
2017-03-16 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Change Control (MCC) 6.1.0 for Linux and earlier allows authenticated users to change files that are part of write protection rules via specific conditions. |
|
40 |
CVE-2013-7460 |
284 |
|
Bypass |
2017-03-14 |
2017-03-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A write protection and execution bypass vulnerability in McAfee (now Intel Security) Application Control (MAC) 6.1.0 for Linux and earlier allows authenticated users to change binaries that are part of the Application Control whitelist and allows execution of binaries via specific conditions. |
|
41 |
CVE-2012-4589 |
|
|
|
2012-08-22 |
2017-08-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Login.aspx in the Portal in McAfee Enterprise Mobility Manager (EMM) before 10.0 does not have an off autocomplete attribute for unspecified form fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation. |
|
42 |
CVE-2010-5143 |
264 |
|
|
2012-08-22 |
2012-08-22 |
2.6 |
None |
Local |
High |
Not required |
None |
Partial |
Partial |
|
McAfee VirusScan Enterprise before 8.8 allows local users to disable the product by leveraging administrative privileges to execute an unspecified Metasploit Framework module. |
|
43 |
CVE-2008-7020 |
310 |
|
+Info |
2009-08-21 |
2017-08-17 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
McAfee SafeBoot Device Encryption 4 build 4750 and earlier stores pre-boot authentication passwords in the BIOS Keyboard buffer and does not clear this buffer after use, which allows local users to obtain sensitive information by reading the physical memory locations associated with this buffer. |
|
44 |
CVE-2006-3575 |
|
|
DoS Overflow |
2006-07-13 |
2018-10-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Unknown vulnerability in the Buffer Overflow Protection in McAfee VirusScan Enterprise 8.0.0 allows local users to cause a denial of service (unstable operation) via a long string in the (1) "Process name", (2) "Module name", or (3) "API name" fields. |
|
45 |
CVE-2000-0502 |
|
|
|
2000-06-08 |
2017-10-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion. |
