RSS   Podatności dla 'Application and change control'   RSS

2022-01-04
 
CVE-2021-31833

CWE-269
 

 
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.

 
2020-10-15
 
CVE-2020-7334

CWE-269
 

 
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further controls for installation/uninstallation of software.

 
2020-08-26
 
CVE-2020-7309

CWE-79
 

 
Cross Site Scripting vulnerability in ePO extension in McAfee Application Control (MAC) prior to 8.3.1 allows administrators to inject arbitrary web script or HTML via specially crafted input in the policy discovery section.

 
2020-03-26
 
CVE-2020-7260

CWE-426
 

 
DLL Side Loading vulnerability in the installer for McAfee Application and Change Control (MACC) prior to 8.3 allows local users to execute arbitrary code via execution from a compromised folder.

 
2018-09-18
 
CVE-2017-3912

CWE-287
 

 
Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility.

 

 >>> Vendor: Mcafee 136 Produkty
Virusscan
Webshield smtp
Remote desktop 32
E-business server
Asap virusscan
Epolicy orchestrator
Entercept agent
Antivirus engine
Freescan
Security installer control system
Internet security suite
Intrushield security management system
Epolicy orchestrator agent
Antispyware
Mcinsctl.dll
Virusscan security center
Common management agent
Virusscan enterprise
Virex
Asset manager
Personal firewall plus
Privacy service
Quickclean
Security center
Spamkiller
Wireless home network security
Enterprise security manager
Scan engine
Protectionpilot
Network agent
Endpoint security
Neotrace
Visual trace
Securitycenter agent
Internet security
Agent
CMA
Mcafee framework
Encrypted usb manager
Safeboot device encryption
Active virus defense
Active virusscan
Email gateway
Securityshield for email servers
Securityshield for microsoft isa server
Securityshield for microsoft sharepoint
Total protection
Total protection for endpoint
Virusscan commandline
Virusscan plus
Virusscan usb
Groupshield
Gateway
Smartfilter
Email and web security appliance
Intrushield network security manager
Anti-virus plus
Web gateway
Secure mail
Unified threat management firewall firmware
Data loss prevention
Saas endpoint protection
Linuxshield
Host data loss prevention
Firewall reporter
Email and web security
Enterprise mobility manager
Enterprise mobility manager agent
Application control
Change control
Mcafee virtual technician
Epo mcafee virtual technician
Total protection 2010
Vulnerability manager
Superscan
Cloud identity manager
Cloud single sign on
Network security manager
Network data loss prevention
Endpoint encryption for files and folders
Mcafee file and removable media protection
File and removable media protection
Data loss prevention endpoint
Mcafee agent
Advanced threat defense
Epo deep command
Threat intelligence exchange
Enterprise security manager/log manager
Enterprise security manager/receiver
Mcafee enterprise security manager
File lock
Livesafe
Active response
Data exchange layer
Host intrusion prevention
Smartfilter administration
Security information and event management
Security scan plus
Host intrusion prevention services
Cloud analysis and deconstructive services
Zobacz wszystkie produkty dla producenta Mcafee


Copyright 2024, cxsecurity.com

 

Back to Top