PT-2020-3148 · McAfee · McAfee Network Security Management

Published: 2020-07-02 · Updated: 2021-10-19 · CVE-2020-7284

CVSS v3.1: 8.6 (High)

Vector: AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

McAfee Network Security Management (NSM) versions prior to 10.1.7.7

Description

McAfee Network Security Management (NSM) exposes sensitive information, which local users can exploit to gain unauthorized access to the root account by executing carefully crafted commands from the restricted command line interface (CLI). The underlying weakness is a lack of protection for service data, which lets an attacker obtain unauthorized access to protected information through those commands.

Recommendations

For versions prior to 10.1.7.7, update to version 10.1.7.7 or later to resolve the issue. As a temporary workaround, consider limiting who can reach the restricted command line interface (CLI) to minimize the risk of exploitation.

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

BDU:2020-03442
CVE-2020-7284

Affected Products

McAfee Network Security Management