admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-10 10:00:40 +00:00
parent 09307fbf28
commit fdd4f3d9e3
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
2021/23xxx/CVE-2021-23878.json
View File

@ -1,6 +1,6 @@
{
"CVE_data_meta": {
"ASSIGNER": "pisrt@mcafee.com",
"ASSIGNER": "psirt@mcafee.com",
"DATE_PUBLIC": "2021-02-10T00:00:00.000Z",
"ID": "CVE-2021-23878",
"STATE": "PUBLIC",
@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions.\nTo exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine"
"value": "Clear text storage of sensitive Information in memory vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows a local user to view ENS settings and credentials via accessing process memory after the ENS administrator has performed specific actions. To exploit this, the local user has to access the relevant memory location immediately after an ENS administrator has made a configuration change through the console on their machine"
}
]
},
@ -91,4 +91,4 @@
"source": {
"discovery": "EXTERNAL"
}
}
}

4
2021/23xxx/CVE-2021-23882.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed.\nThis is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade."
"value": "Improper Access Control vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update allows local administrators to prevent the installation of some ENS files by placing carefully crafted files where ENS will be installed. This is only applicable to clean installations of ENS as the Access Control rules will prevent modification prior to up an upgrade."
}
]
},
@ -85,4 +85,4 @@
"source": {
"discovery": "INTERNAL"
}
}
}