McAfee Agent Insecure usage of temporary files vulnerability

CVE-2018-6707

3.7LOW

Key Information

Vendor: Mcafee
Status: Mcafee Agent (ma) Non-windows Non-windows Versions
Vendor: CVE Published:; 14 December 2018

Summary

Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism.

Affected Version(s)

McAfee Agent (MA) non-Windows non-Windows = 5.5.0

McAfee Agent (MA) non-Windows non-Windows = 5.5.1

McAfee Agent (MA) non-Windows non-Windows < 5.0.0*

References

http://www.securityfocus.com/bid/106307

vdb-entryx_refsource_BID

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 14, 2018
Vulnerability Reserved
Feb 6, 2018

Collectors

NVD DatabaseMitre Database

Credit

McAfee credits Brandon Vincent for discovery of this vulnerability.