CVE-2018-6690 - OpenCVE

Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system.

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:L/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Microsoft	Windows
Mcafee	Application Change Control

Configuration 1 [-]

AND

OR	cpe:2.3:a:mcafee:application_change_control::::::::
	cpe:2.3:a:mcafee:application_change_control:8.0.0:-::::::
	cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix1::::::
	cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix2::::::
	cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix3::::::
	cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix4::::::

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

References

Link	Resource
https://cert-portal.siemens.com/productcert/pdf/ssa-674165.pdf
https://kc.mcafee.com/corporate/index?page=content&id=SB10250

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: trellix

Published: 2018-09-18T22:00:00

Updated: 2018-12-12T10:57:01

Reserved: 2018-02-06T00:00:00

Link: CVE-2018-6690

JSON object: View

NVD Information

Status : Modified

Published: 2018-09-18T22:29:00.413

Modified: 2023-11-07T03:00:24.270

Link: CVE-2018-6690

JSON object: View

Redhat Information

No data.

CWE

CWE-346

{"containers": {"cna": {"affected": [{"platforms": ["x86"], "product": "McAfee Application Control (MAC)", "vendor": "McAfee", "versions": [{"lessThanOrEqual": "8.0.0 HF 4", "status": "affected", "version": "8.0.0 HF 4", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "McAfee credits Paul W for reporting this flaw."}], "datePublic": "2018-09-16T00:00:00", "descriptions": [{"lang": "en", "value": "Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system."}], "metrics": [{"cvssV3_0": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"description": "Whitelist bypass", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-12-12T10:57:01", "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "shortName": "trellix"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-674165.pdf"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10250"}], "source": {"discovery": "EXTERNAL"}, "title": "McAfee Application Control (MAC) - Whitelist bypass using a hard drive solidified by MACC", "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@mcafee.com", "ID": "CVE-2018-6690", "STATE": "PUBLIC", "TITLE": "McAfee Application Control (MAC) - Whitelist bypass using a hard drive solidified by MACC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "McAfee Application Control (MAC)", "version": {"version_data": [{"affected": "<=", "platform": "x86", "version_affected": "<=", "version_name": "8.0.0 HF 4", "version_value": "8.0.0 HF 4"}]}}]}, "vendor_name": "McAfee"}]}}, "credit": [{"lang": "eng", "value": "McAfee credits Paul W for reporting this flaw."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system."}]}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.0"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Whitelist bypass"}]}]}, "references": {"reference_data": [{"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-674165.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-674165.pdf"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10250", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10250"}]}, "source": {"discovery": "EXTERNAL"}}}}, "cveMetadata": {"assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808", "assignerShortName": "trellix", "cveId": "CVE-2018-6690", "datePublished": "2018-09-18T22:00:00", "dateReserved": "2018-02-06T00:00:00", "dateUpdated": "2018-12-12T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mcafee:application_change_control:*:*:*:*:*:*:*:*", "matchCriteriaId": "AFB4AAA8-1FEA-4648-8D23-86ACA1865AE0", "versionEndIncluding": "7.0.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_change_control:8.0.0:-:*:*:*:*:*:*", "matchCriteriaId": "F49B3D91-C415-4475-AB0C-C8616EA1D618", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "F7855EC9-B8F2-4155-9801-5AE40CBC6F73", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "4F98D1F8-5EE8-43FB-A5D9-189D6C85D37E", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix3:*:*:*:*:*:*", "matchCriteriaId": "841EFE70-EEA2-41C2-B131-74EFA6F27E11", "vulnerable": true}, {"criteria": "cpe:2.3:a:mcafee:application_change_control:8.0.0:hotfix4:*:*:*:*:*:*", "matchCriteriaId": "93402938-F29F-44D4-BBC5-0A25A363AB3C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system."}, {"lang": "es", "value": "Una vulnerabilidad de acceso, modificaci\u00f3n o ejecuci\u00f3n de archivos ejecutables en el cliente Microsoft Windows en McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 y anteriores permite que usuarios autenticados ejecuten c\u00f3digo arbitrario mediante la transferencia de archivos del sistema externo."}], "id": "CVE-2018-6690", "lastModified": "2023-11-07T03:00:24.270", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 4.2, "source": "trellixpsirt@trellix.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-18T22:29:00.413", "references": [{"source": "trellixpsirt@trellix.com", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-674165.pdf"}, {"source": "trellixpsirt@trellix.com", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10250"}], "sourceIdentifier": "trellixpsirt@trellix.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-346"}], "source": "nvd@nist.gov", "type": "Primary"}]}