Vulnerability Description
Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification protection provided by MACC, permitting them to run applications that would usually be prevented by MACC. This would require the attacker to rename the specified binary to match name of any configured updater and perform a specific set of steps, resulting in the renamed binary to be to run.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mcafee | Application And Change Control | < 8.3.4 |
Related Weaknesses (CWE)
References
- https://kc.mcafee.com/corporate/index?page=content&id=SB10370Broken Link
- https://kc.mcafee.com/corporate/index?page=content&id=SB10370Broken Link
FAQ
What is CVE-2021-31833?
CVE-2021-31833 is a vulnerability with a CVSS score of 7.1 (HIGH). Potential product security bypass vulnerability in McAfee Application and Change Control (MACC) prior to version 8.3.4 allows a locally logged in attacker to circumvent the application solidification ...
How severe is CVE-2021-31833?
CVE-2021-31833 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-31833?
Check the references section above for vendor advisories and patch information. Affected products include: Mcafee Application And Change Control.