McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass
CVE-2017-3912

4.4MEDIUM

Key Information:

Vendor: Mcafee
Status: Mcafee Application Control And Change Control (macc)
Vendor: CVE Published:; 18 September 2018

What is CVE-2017-3912?

Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

McAfee Application Control and Change Control (MACC) 6.2.0

McAfee Application Control and Change Control (MACC) x86 7.0.1

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/102988

vdb-entryx_refsource_BID

CVSS V3.1

Score:

4.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2018
Vulnerability Reserved
Dec 26, 2016

Credit

McAfee credits Saurabh Tripathi and Sukesh Shetty for reporting this flaw.

JSON

Mcafee

What is CVE-2017-3912?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Credit

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.