cvelist/2020/7xxx/CVE-2020-7311.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@mcafee.com",
        "DATE_PUBLIC": "2020-09-09T00:00:00.000Z",
        "ID": "CVE-2020-7311",
        "STATE": "PUBLIC",
        "TITLE": " Privilege Escalation vulnerability in MA for Windows "
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "MA for Windows",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_name": "5.6.x",
                                            "version_value": "5.6.6"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "McAfee LLC"
                }
            ]
        }
    },
    "credit": [
        {
            "lang": "eng",
            "value": "McAfee credits Sebastian Schuster from Airbus CyberSecurity for responsibly reporting this flaw."
        }
    ],
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files."
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.0.9"
    },
    "impact": {
        "cvss": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-269: Improper Privilege Management"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325",
                "refsource": "CONFIRM",
                "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"
            }
        ]
    },
    "source": {
        "discovery": "EXTERNAL"
    }
}
"-Synchronized-Data." 2020-01-21 14:01:28 +00:00			`{`
			`"CVE_data_meta": {`
Publish CVE-2020-7311.json SB is live 2020-09-10 15:11:56 +05:30			`"ASSIGNER": "psirt@mcafee.com",`
			`"DATE_PUBLIC": "2020-09-09T00:00:00.000Z",`
"-Synchronized-Data." 2020-01-21 14:01:28 +00:00			`"ID": "CVE-2020-7311",`
Publish CVE-2020-7311.json SB is live 2020-09-10 15:11:56 +05:30			`"STATE": "PUBLIC",`
			`"TITLE": " Privilege Escalation vulnerability in MA for Windows "`
"-Synchronized-Data." 2020-01-21 14:01:28 +00:00			`},`
Publish CVE-2020-7311.json SB is live 2020-09-10 15:11:56 +05:30			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "MA for Windows",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "<",`
			`"version_name": "5.6.x",`
			`"version_value": "5.6.6"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "McAfee LLC"`
			`}`
			`]`
			`}`
			`},`
			`"credit": [`
			`{`
			`"lang": "eng",`
			`"value": "McAfee credits Sebastian Schuster from Airbus CyberSecurity for responsibly reporting this flaw."`
			`}`
			`],`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
"-Synchronized-Data." 2020-01-21 14:01:28 +00:00			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
Publish CVE-2020-7311.json SB is live 2020-09-10 15:11:56 +05:30			`"value": "Privilege Escalation vulnerability in the installer in McAfee Agent (MA) for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files."`
			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.0.9"`
			`},`
			`"impact": {`
			`"cvss": {`
			`"attackComplexity": "HIGH",`
			`"attackVector": "LOCAL",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 7.8,`
			`"baseSeverity": "HIGH",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"privilegesRequired": "LOW",`
			`"scope": "CHANGED",`
			`"userInteraction": "NONE",`
			`"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",`
			`"version": "3.1"`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
Update CVE-2020-7311.json 2020-10-19 10:38:17 +01:00			`"value": "CWE-269: Improper Privilege Management"`
Publish CVE-2020-7311.json SB is live 2020-09-10 15:11:56 +05:30			`}`
			`]`
"-Synchronized-Data." 2020-01-21 14:01:28 +00:00			`}`
			`]`
Publish CVE-2020-7311.json SB is live 2020-09-10 15:11:56 +05:30			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325",`
			`"refsource": "CONFIRM",`
			`"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10325"`
			`}`
			`]`
			`},`
			`"source": {`
			`"discovery": "EXTERNAL"`
"-Synchronized-Data." 2020-01-21 14:01:28 +00:00			`}`
Publish CVE-2020-7311.json SB is live 2020-09-10 15:11:56 +05:30			`}`