Code Execution Vulnerability in Intel Security VirusScan Enterprise Linux
CVE-2016-8020

8HIGH

Key Information:

Vendor: Intel
Status: Virusscan Enterprise Linux (vsel)
Vendor: CVE Published:; 14 March 2017

🔔 Create Intel Vulnerability Alert

What is CVE-2016-8020?

A code execution vulnerability exists in Intel Security VirusScan Enterprise Linux (VSEL) 2.0.3 and earlier, allowing remote authenticated users to exploit the system by sending crafted HTTP request parameters. This could lead to the execution of arbitrary code on the affected system, potentially compromising its security and integrity.

Affected Version(s)

VirusScan Enterprise Linux (VSEL) 2.0.3 (and earlier)

References

http://www.securityfocus.com/bid/94823

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1037433

vdb-entryx_refsource_SECTRACK

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 14, 2017
Vulnerability Reserved
Sep 9, 2016

.

CVE-2016-8020 : Code Execution Vulnerability in Intel Security VirusScan Enterprise Linux