Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:mcafee:application_and_change_control:6.2.0:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-0221 |
Product security bypass vulnerability in ACC prior to version 8.3.4 allows a locally logged-in attacker with administrator privileges to bypass the execution controls provided by ACC using the utilman program. Published: January 13, 2023; 11:15:08 AM -0500 |
V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2021-31833 |
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run. Published: January 04, 2022; 5:15:07 AM -0500 |
V3.1: 7.8 HIGH V2.0: 4.6 MEDIUM |
CVE-2020-7334 |
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further controls for installation/uninstallation of software. Published: October 15, 2020; 5:15:11 AM -0400 |
V3.1: 8.2 HIGH V2.0: 4.6 MEDIUM |
CVE-2020-7309 |
Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section. Published: August 26, 2020; 2:15:12 AM -0400 |
V3.1: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2020-7260 |
DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder. Published: March 26, 2020; 9:15:13 AM -0400 |
V3.1: 7.8 HIGH V2.0: 4.4 MEDIUM |
CVE-2017-3912 |
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility. Published: September 18, 2018; 6:29:00 PM -0400 |
V3.0: 7.8 HIGH V2.0: 4.6 MEDIUM |