CVE-2017-3912

McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass

CVSS 4.4 MEDIUMEPSS 0.4%CWE-274

Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Affected products

McAfee · McAfee Application Control and Change Control (MACC)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://kc.mcafee.com/corporate/index?page=content&id=SB10224 http://www.securityfocus.com/bid/102988