| |
Vulnerability CVE-2020-7325
Published: 2020-09-09
| Description: |
Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.9 Update allows local users to access files which the user otherwise would not have access to via manipulating symbolic links to redirect McAfee file operations to an unintended file. |
Type:
CWE-59 (Improper Link Resolution Before File Access ('Link Following'))
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.6/10 |
6.4/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://kc.mcafee.com/corporate/index?page=content&id=SB10328
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
