McAfee Host Intrusion Prevention Services < 8.0.0.3828 Authentication Bypass (SB10173)

medium Nessus Plugin ID 95469

Synopsis

A security application installed on the remote host is affected by an authentication bypass vulnerability.

Description

The version of McAfee Host Intrusion Prevention Services (HIPS) is prior to 8.0.0.3828. It is, therefore, affected by an authentication bypass vulnerability due to improper registry key permissions. A local attacker can exploit this, under certain conditions, to manipulate the product's registry keys.

Solution

Upgrade to McAfee Host Intrusion Prevention Services 8.0 Patch 8 (8.0.0.3828) or later.

See Also

https://kc.mcafee.com/corporate/index?page=content&id=SB10173

https://kc.mcafee.com/corporate/index?page=content&id=KB70778

Plugin Details

Severity: Medium

ID: 95469

File Name: mcafee_hips_8_0_0_3828.nasl

Version: 1.7

Type: local

Agent: windows

Family: Windows

Published: 12/2/2016

Updated: 11/13/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

CVSS v2

Risk Factor: Low

Base Score: 3

Temporal Score: 2.2

Vector: CVSS2#AV:L/AC:M/Au:S/C:N/I:P/A:P

CVSS Score Source: CVE-2016-8007

CVSS v3

Risk Factor: Medium

Base Score: 6.3

Temporal Score: 5.5

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:mcafee:host_intrusion_prevention

Required KB Items: installed_sw/McAfee Host Intrusion Prevention

Exploit Ease: No known exploits are available

Patch Publication Date: 8/25/2016

Vulnerability Publication Date: 10/19/2016

Reference Information

CVE: CVE-2016-8007

BID: 93813

IAVB: 2016-B-0170

MCAFEE-SB: SB10173