CVE-2017-3912 MEDIUM

CVE-2017-3912: McAfee Application Control and Change Control (MACC) - password management security feature bypass (SFB) leading to an authentication bypass

Vendor Mcafee
Product McAfee Application Control and Change Control (MACC)
Weakness CWE-274
Published September 18, 2018
Last update August 5, 2024

CVSS base score

4.4/10
Attack vector Local
Attack complexity Low
Privileges required High
User interaction None
Confidentiality None
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

What the vulnerability does

01Description

Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.

Key dates

02Disclosure timeline

September 18, 2018 CVE published
August 5, 2024 Record updated