Vulnerability in Mcafee Endpoint_security
CVE-2021-31843
Improper privileges management vulnerability in McAfee Endpoint Security (ENS) Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links t…
EPSS: 0.003 (21.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.3 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Mcafee Endpoint_security — versions 10.7.0
- Mcafee,llc Mcafee Endpoint Security (Ens) For Windows — versions unspecified
Weakness classification (CWE)
References
- trellixpsirt@trellix.com (x_refsource_CONFIRM)
Frequently asked questions
- What is CVE-2021-31843?
- CVE-2021-31843 is a high-severity vulnerability in Mcafee Endpoint_security, classified under Improper Link Resolution Before File Access. CVSS score: 7.3/10. Published 2021-09-17.
- How severe is CVE-2021-31843?
- High severity. CVSS v3 base score is 7.3 out of 10.