CVE-2016-3984 Information

Feb 14, 2021 cve

Description

The McAfee VirusScan Console (mcconsol.exe) in McAfee Active Response (MAR) before 1.1.0.161 Agent (MA) 5.x before 5.0.2 Hotfix 1110392 (5.0.2.333) Data Exchange Layer 2.x (DXL) before 2.0.1.140.1 Data Loss Prevention Endpoint (DLPe) 9.3 before Patch 6 and 9.4 before Patch 1 HF3 Device Control (MDC) 9.3 before Patch 6 and 9.4 before Patch 1 HF3 Endpoint Security (ENS) 10.x before 10.1 Host Intrusion Prevention Service (IPS) 8.0 before 8.0.0.3624 and VirusScan Enterprise (VSE) 8.8 before P7 (8.8.0.1528) on Windows allows local administrators to bypass intended self-protection rules and disable the antivirus engine by modifying registry keys.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H

Reference

http://lab.mediaservice.net/advisory/2016-01-mcafee.txt http://seclists.org/fulldisclosure/2016/Mar/13 http://www.securitytracker.com/id/1035130 https://kc.mcafee.com/corporate/index?page=content&id=SB10151 https://www.exploit-db.com/exploits/39531/

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction Required

HIGH

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

HIGH

Base Severity

5.1

Share on: