McAfee VirusScan Enterprise < 8.8 / 8.7 HF643440 CLI Local Privilege Escalation (SB10014)

low Nessus Plugin ID 72204

Synopsis

The remote Windows host has an antivirus application that is affected by a CLI local privilege escalation vulnerability.

Description

The remote Windows host has a version of McAfee VirusScan Enterprise (VSE) prior to 8.8 or 8.7 Hot-Fix 643440. It is, therefore, reportedly affected by a CLI local privilege escalation vulnerability that could disable VSE and its connection to McAfee ePolicy Orchestrator (ePO).

Solution

Upgrade to VSE 8.8 (or later) or apply 8.7 Hot-Fix 643440.

See Also

https://kc.mcafee.com/corporate/index?page=content&id=SB10014

Plugin Details

Severity: Low

ID: 72204

File Name: mcafee_vse_sb10014.nasl

Version: 1.4

Type: local

Agent: windows

Family: Windows

Published: 1/29/2014

Updated: 11/26/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Low

Base Score: 2.6

Temporal Score: 1.9

Vector: CVSS2#AV:L/AC:H/Au:N/C:N/I:P/A:P

Vulnerability Information

CPE: cpe:/a:mcafee:virusscan_enterprise

Required KB Items: Antivirus/McAfee/installed

Exploit Ease: No known exploits are available

Patch Publication Date: 10/14/2011

Vulnerability Publication Date: 10/14/2011

Reference Information

CVE: CVE-2010-5143

MCAFEE-SB: SB10014