CVE-2018-6706 LOW

CVE-2018-6706: McAfee Agent (MA) non-Windows versions incorrect use of temporary file vulnerability

Vendor Mcafee
Product McAfee Agent (MA) for Linux
Weakness CWE-377
Published December 12, 2018
Last update August 5, 2024

CVSS base score

2.3/10
Attack vector Local
Attack complexity High
Privileges required High
User interaction Required
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N

What the vulnerability does

01Description

Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.

Key dates

02Disclosure timeline

December 12, 2018 CVE published
August 5, 2024 Record updated