CVE-2018-6706

Name of the Vulnerable Software and Affected Versions McAfee Agent versions 5.0.0 through 5.0.6 McAfee Agent versions 5.5.0 and 5.5.1

Description The issue is related to insecure handling of temporary files in the McAfee Agent, which can be exploited by an unprivileged user to introduce custom paths during agent installation in Linux. This can potentially allow a remote attacker to elevate their privileges.

Recommendations For McAfee Agent versions 5.0.0 through 5.0.6, update to a version outside of this range to resolve the issue. For McAfee Agent versions 5.5.0 and 5.5.1, update to a version outside of this range to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.