CVE-2019-3588

EPSS 0.04%
Veröffentlicht 10.06.2020 12:15:11
Zuletzt bearbeitet 21.11.2024 04:42:13
Quelle trellixpsirt@trellix.com
Teams Watchlist Login
Unerledigt Login

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan Messages - Threat Alert Window when the Windows Login Screen is locked.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Mcafee ≫ Virusscan Enterprise Version8.8 Update- SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch1 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch10 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch11 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch12 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch13 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch2 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch3 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch4 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch5 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch6 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch7 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch8 SwPlatformwindows

Mcafee ≫ Virusscan Enterprise Version8.8 Updatepatch9 SwPlatformwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.8	0.9	5.9	CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C
trellixpsirt@trellix.com	6.3	0.4	5.9	CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://kc.mcafee.com/corporate/index?page=content&id=SB10302

https://nvd.nist.gov/vuln/detail/CVE-2019-3588

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2019-3588

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2019-3588

EUVD