Update CVE-2018-6668.json

2025-06-12 02:05:39 +00:00 · 2018-12-31 10:56:18 -06:00 · 2018-12-31 10:56:18 -06:00 · f269593f3c
commit f269593f3c
parent 3d0ae0df67
1 changed files with 85 additions and 11 deletions
--- a/2018/6xxx/CVE-2018-6668.json
+++ b/2018/6xxx/CVE-2018-6668.json
@ -1,18 +1,92 @@
 {
-   "CVE_data_meta" : {
+   "CVE_data_meta": {
-      "ASSIGNER" : "cve@mitre.org",
+      "ASSIGNER": "psirt@mcafee.com",
-      "ID" : "CVE-2018-6668",
+      "ID": "CVE-2018-6668",
-      "STATE" : "RESERVED"
+      "STATE": "PUBLIC",
      "TITLE": "Bypass Application Control with simple DLL"
   },
-   "data_format" : "MITRE",
+   "affects": {
-   "data_type" : "CVE",
+      "vendor": {
-   "data_version" : "4.0",
+         "vendor_data": [
-   "description" : {
+            {
-      "description_data" : [
+               "product": {
                  "product_data": [
                     {
                        "product_name": "Application and Change Control",
                        "version": {
                           "version_data": [
                              {
                                 "affected": "<=",
                                 "platform": "x86",
                                 "version_name": "7.0.1",
                                 "version_value": "7.0.1"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name": "McAfee"
            }
         ]
      }
   },
   "data_format": "MITRE",
   "data_type": "CVE",
   "data_version": "4.0",
   "description": {
      "description_data": [
         {
-            "lang" : "eng",
+            "lang": "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided."
+            "value": "A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL through interpreters such as PowerShell."
         }
      ]
   },
   "impact": {
      "cvss": {
         "attackComplexity": "LOW",
         "attackVector": "LOCAL",
         "availabilityImpact": "HIGH",
         "baseScore": 6.1,
         "baseSeverity": "MEDIUM",
         "confidentialityImpact": "LOW",
         "integrityImpact": "NONE",
         "privilegesRequired": "LOW",
         "scope": "UNCHANGED",
         "userInteraction": "NONE",
         "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
         "version": "3.0"
      }
   },
   "problemtype": {
      "problemtype_data": [
         {
            "description": [
               {
                  "lang": "eng",
                  "value": "whitelist bypass vulnerability "
               }
            ]
         }
      ]
   },
   "references": {
      "reference_data": [
         {
            "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10261",
            "refsource": "CONFIRM",
            "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10261"
         }
      ]
   },
   "solution": [
      {
         "lang": "eng",
         "value": "Install or update to McAfee Application and Change Control (MACC) Application 8.0.0 and MACC ePO extension 8.0.0 or later."
      }
   ],
   "source": {
      "advisory": "SB10261",
      "discovery": "EXTERNAL"
   }
 }