McAfee Agent Insecure usage of temporary files vulnerability
CVE-2018-6707

3.7LOW

Key Information:

Vendor: Mcafee
Status: Mcafee Agent (ma) Non-windows Non-windows Versions
Vendor: CVE Published:; 14 December 2018

Summary

Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism.

Affected Version(s)

McAfee Agent (MA) non-Windows non-Windows x86 5.5.0

McAfee Agent (MA) non-Windows non-Windows x86 5.5.1

McAfee Agent (MA) non-Windows non-Windows x86 5.0.0 < 5.0.0*

References

http://www.securityfocus.com/bid/106307

vdb-entryx_refsource_BID

https://kc.mcafee.com/corporate/index?page=content&id=SB1...

x_refsource_CONFIRM

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Dec 14, 2018
Vulnerability Reserved
Feb 6, 2018

Credit

McAfee credits Brandon Vincent for discovery of this vulnerability.