PT-2017-16164 · Mcafee · Intel Security Mcafee Agent

Published

2017-02-13

Updated

2017-07-26

CVE-2017-3896

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Intel Security McAfee Agent versions prior to 5.0.4.449

Description The issue concerns an unvalidated parameter vulnerability in the remote log viewing capability. This allows remote attackers to pass unexpected input parameters via a URL that was not completely validated.

Recommendations For versions prior to 5.0.4.449, update to version 5.0.4.449 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-3896

Affected Products

Intel Security Mcafee Agent

PT-2017-16164 · Mcafee · Intel Security Mcafee Agent

CVE-2017-3896

Weakness Enumeration

Related Identifiers

Affected Products

References · 5