McAfee Agent for Linux Privilege Escalation vulnerability

CVE-2018-6704

4.7MEDIUM

Key Information

Vendor: Mcafee
Status: Mcafee Agent (ma) For Linux
Vendor: CVE Published:; 12 December 2018

Summary

Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.

Affected Version(s)

McAfee Agent (MA) for Linux x86 5.5.0

McAfee Agent (MA) for Linux x86 5.5.1

McAfee Agent (MA) for Linux x86 5.0.0 < 5.0.0*

References

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 12, 2018
Vulnerability Reserved
Feb 6, 2018

Collectors

NVD DatabaseMitre Database

Credit

McAfee credits Andreas Dewald, ERNW Research GmbH (Germany) for discovery of this vulnerability