Mcafee Agent
25 CVEs affecting Mcafee Agent. Latest disclosed: 2022-07-27. Critical: 1, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-6703 | Critical | 9.8 | 2018-12-11 | Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause… |
CVE-2021-1257 | High | 8.8 | 2021-01-20 | A vulnerability in the web-based management interface of Cisco DNA Center Software could allow an unauthenticated, remote attacker to conduct a cross-site requ… |
CVE-2022-1258 | High | 8.4 | 2022-04-14 | A blind SQL injection vulnerability in the ePolicy Orchestrator (ePO) extension of MA prior to 5.7.6 can be exploited by an authenticated administrator on ePO… |
CVE-2022-2313 | High | 8.2 | 2022-07-27 | A DLL hijacking vulnerability in the MA Smart Installer for Windows prior to 5.7.7, which allows local users to execute arbitrary code and obtain higher privil… |
CVE-2021-31847 | High | 8.2 | 2021-09-22 | Improper access control vulnerability in the repair process for McAfee Agent for Windows prior to 5.7.4 could allow a local attacker to perform a DLL preloadin… |
CVE-2022-1256 | High | 7.8 | 2022-04-14 | A local privilege escalation vulnerability in MA for Windows prior to 5.7.6 allows a local low privileged user to gain system privileges through running the re… |
CVE-2022-0166 | High | 7.8 | 2022-01-19 | A privilege escalation vulnerability in the McAfee Agent prior to 5.7.5. McAfee Agent uses openssl.cnf during the build process to specify the OPENSSLDIR varia… |
CVE-2018-6705 | High | 7.8 | 2018-12-12 | Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command executi… |
CVE-2018-6704 | High | 7.8 | 2018-12-12 | Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command executi… |
CVE-2021-31854 | High | 7.7 | 2022-01-19 | A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local users to inject arbitrary shell code into the file cleanup.exe… |
CVE-2019-3599 | High | 7.5 | 2019-02-28 | Information Disclosure vulnerability in Remote logging (which is disabled by default) in McAfee Agent (MA) 5.x allows remote unauthenticated users to access se… |
CVE-2018-6706 | High | 7.5 | 2018-12-12 | Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths du… |
CVE-2019-3592 | High | 7.2 | 2019-07-18 | Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 HF3, allows local administrator users to potentially disable some McAfee processes by mani… |
CVE-2022-1257 | Medium | 6.1 | 2022-04-14 | Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive info… |
CVE-2019-3613 | Medium | 5.9 | 2020-06-10 | DLL Search Order Hijacking vulnerability in McAfee Agent (MA) prior to 5.6.4 allows attackers with local access to execute arbitrary code via execution from a… |
CVE-2019-1559 | Medium | 5.9 | 2019-02-27 | If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can… |
CVE-2020-7253 | Medium | 5.7 | 2020-03-12 | Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protect… |
CVE-2020-7343 | Medium | 5.5 | 2021-01-18 | Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a direct… |
CVE-2019-3598 | Medium | 5.3 | 2019-02-28 | Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x allows remote unauthenticated users to potentially cause a denial of service via specificall… |
CVE-2015-8987 | Medium | 5.3 | 2017-03-14 | Man-in-the-middle (MitM) attack vulnerability in non-Mac OS agents in McAfee (now Intel Security) Agent (MA) 4.8.0 patch 2 and earlier allows attackers to make… |